In this doc we explain how to  link serveur smp (frrmurb-smp-105.urb.labo.local) with SAP ABAP instance T2J hosted on sapt2j.

1.  Check SSO2 configuration of SAP

RZ10 :

Go to url:

https://sapt2j.rm.corp.local:8100/sap/bc/bsp/sap/system_test/test_sso2.htm?sap-user=sap*&sap-password=pass&sap-client=100

Log in and you have this page :

In the same IE windows, change url to

https://sapt2j.rm.corp.local:8100/sap/bc/ping?sap-client=100.

If you have a popup which ask you to re log it is wrong, else you have :

2.  Generating a PSE file for SUP Server :

sapgenpse.exe get_pse  -p SNCTEST.pse –r abc.req –x abcpin “CN=frrmurb-smp-105.urb.labo.local,OU=TOTALM_S,C=FR”

·         Generate credential file  to initialize a new keystore for usage :

Sapgenpse seclogin –p SNCTEST.pse –O myuser -x mypassword

3.  Import the Sup PSE certificate into the SAP

On the SUP system, export the certificate from the PSE that was just created.

sapgenpse export_own_cert -v -p SNCTEST.pse -x abcpin -o SUP.crt

Strust:

Click on :

Save.

4.  Import the SAP certificate into SUP PSE

Strust :

Go on sup server.  Copy SAPT2J.crt in Sapcryptolib folder.

sapgenpse.exe maintain_pk -v -p SNCTEST.pse -x abcpin –a SAPT2J.crt

A SUP application restart will be needed here.

5.  Create a “Connections” profile for sup

Login into SUP SCC with an administrative account.

• Navigate to “Connections” node:

• Create a new connection by clicking on the “New…”

In order to test :

GW_ADMIN/GWADMIN

SNC Name	p: CN=frrmurb-smp-105.urb.labo.local,OU=TOTALM_S,C=FR
SNC Libray Path	C:\sapcryptolib\sapcrypto.dll
SNC Partner	p : CN=T2J, OU=URBTOTALMS, O=SAP, C=FR
SNC Level	1

If ok remove user and password :

OK

6.  Token provider URL

http://sapt2j.rm.corp.local:8000/sap/bc/bsp/sap/system_test/test_sso2.htm?sap-client=100

Remove NoSecLoginModule on all tab and validate:

If ok Apply: