Additional Blogs by Members
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to automatically select SAP client certificate in Google Chrome

Former Member
‎10-22-2013 9:30 AM

If you are using Google Chrome and SAP Passport and you are tired of constantly selecting certificates while browsing SAP sites I have something for you. The following procedure has been tested on Windows 8.1 Enterprise and Chrome 30÷37, but should work on Windows 7/8 as well as other Chrome versions:

  1. Download and extract Chrome policy templates from here: http://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip
  2. Start the Local Group Policy Editor: Start > Run > gpedit.msc > OK
  3. Right-click on Computer Policy > Computer Configuration > Administrative Templates and choose Add/Remove Templates...
  4. Click Add..., choose policy_templates\windows\adm\en-US\chrome.adm (from the already downloaded and extracted policy templates) and click Open (Note: if your Windows language is different from en-US choose the chrome.adm from the respective language folder)
  5. Navigate to Local Computer Policy > Computer Configuration > Administrative Templates > Classic Administrative Templates (ADM) > Google > Google Chrome > Content Settings
  6. Double-click on Automatically select client certificates for these sites
  7. Click Enabled
  8. Click Show... in the Options pane
  9. Consecutively add the following lines:

    {"pattern":"https://[*.]sap.corp","filter":{"ISSUER":{"CN":"SAP Passport CA"}}}

    {"pattern":"https://[*.]sap.com","filter":{"ISSUER":{"CN":"SAP Passport CA"}}}

    {"pattern":"https://[*.]sap-ag.de","filter":{"ISSUER":{"CN":"SAP Passport CA"}}}

  10. Click OK
  11. Re-launch Chrome
  12. Done. No more annoying pop-ups!


If you're on a Mac you'll have to create/edit file /Library/Preferences/com.google.Chrome.plist and insert the following code (extend it for more server addresses):

<plist version="1.0">

<dict>

  <key>AutoSelectCertificateForUrls</key>

   <array>

     <string>{"pattern":"[*.]sap.corp","filter":{"ISSUER":{"CN":"SAP Passport CA"}}}</string>

     <string>{"pattern":"[*.]sap.com","filter":{"ISSUER":{"CN":"SAP Passport CA"}}}</string>

     <string>{"pattern":"[*.]sap-ag.de","filter":{"ISSUER":{"CN":"SAP Passport CA"}}}</string>

   </array>

</dict>

</plist>

Note: for some users (SAP employees and not partners/clients) the issuer should be SSO_CA instead of SAP Passport CA


Special thanks to steffen and boris.tsirulnik for their contribution to this post!

55 Comments
Popular Blog Posts