Skip to Content
Technical Articles

Enable Note Assistant to Support Digitally Signed SAP Notes

SAP is making SAP Notes more secure by ensuring all SAP Notes are digitally signed. The SAP Notes files can get maliciously modified and the customer unknowingly can upload the maliciously modified SAP Notes files into their ABAP systems. Therefore, SAP plans to deliver all SAP Notes files with digital signature to protect SAP Notes files with increased authenticity and improved security. We strongly recommend customers to upload only digitally signed SAP Note files.

Post January 1, 2020, the download and upload process will stop working unless Note Assistant (SNOTE transaction) is enabled in ABAP systems to work with digitally signed SAP Notes.

The digitally signed SAP Notes are available as SAR files. All SAP Notes downloaded through SAP ONE Support Launchpad are digitally signed SAR files.

  • To enable Note Assistant (SNOTE) for downloading and uploading digitally signed SAP Notes, please implement SAP Notes  24080732546220 and 2508268.
  • An equivalent Transport-Based Correction Instruction (TCI) is available as SAP Note 2576306 containing the SAP Notes 24080732546220 and 2508268. If the Note Assistant in your ABAP system is enabled for TCI, It is recommended to implement TCI SAP Note 2576306 instead of applying the above individual SAP Notes.

The Note Assistant tool will use the SAPCAR utility on the application server to verify the digital signature of the uploaded SAP Note. Please ensure required patch level of SAPCAR executable is available on your system. If not, the digital signature verification fails and the files are not extracted. Once you have implemented the above SAP Notes, you may test the working of upload of digitally signed SAP Note feature by uploading a sample SAR file attached  to the SAP Security Note 2408073. Further details about enabling Note Assistant to support digitally signed SAP Notes are described in the user guide attached to the SAP Security Note 2408073.

Watch out the Note Assistant Page on SAP Support Portal, for the latest updates.

For more details please refer:

  • SAP Note 2537133 for FAQs on Digitally Signed SAP Notes
  • Webinars in English and German. Click here to view the presentation
  • Cheat Sheet for enabling SNOTE for Digitally Signed SAP Notes and for TCI
5 Comments
You must be Logged on to comment or reply to a post.
  • Hi,

    we implemented the Download Service using TCI Note 0002576306. Report RCWB_UNSIGNED_NOTE_CONFIG was used to set “Do not download unsigned SAP Note”

    Report RCWB_SNOTE_DWNLD_PROC_CONFIG was used to set “Download service Application” as download procedure. When testing corresponding RFC to notesdownloads.sap.com we get response 400 (Bad request).

    Nevertheless, we receive the error message “E:SCWN:810 SAP_DOWNLOAD_SERVICE” when trying to download a note which needs the download service (e.g. 2538018).

    Any suggestions?

    Thanks,

    Mark

    • Hi Mark,

      Apologies for the delayed response. I hope issue is resolved by now, if not  please raise a ticket on component BC-UPG-NA. It helps us analyse the issue more effectively.

      Best Regards,

      Priti

       

  • Hi Priti,

    To enable Note Assistant (SNOTE) for downloading and uploading digitally signed SAP Notes, we need to implement SAP Notes  2408073, 2546220 and 2508268.And 2554853 is required for Download system if we want to use Download Service applications.

    After implementing above SAP notes, RCWB_SNOTE_DWNLD_PROC_CONFIG will enable 3 select procedure to Download SAP note –

    1) Remote Functional Call (RFC)  –> This option will use SAPOSS ABAP RFC connection with OSS_RFC user and will be used in case of fallback to Download of Unassigned SAP Notes ?

    2) HTTP Protocol  –> Both RFC connections will be generated automatically or we need to create both RFC manually ?
    a) RFC Destination (H Type) for SAP Support Portal
    b) RFC Destination (G Type) for SAP Note Download

    3) Download Service Application –> Which one is better Option -> Option-2 (HTTP Protocol) or Option-3 (Download Service Application) for Digitally signed SAP Notes.

     

    Gaurav