Skip to Content
Technical Articles
Author's profile photo Gurdeep Antil

Single Sign-On to the SAP CRM Web UI in Solution Manager 7.2

Business case : While using charm in solution manager, change manger receives an email notification to approve the change request via CRM_UI link in the email body.  Once change manager clicks on the given URL in email, it is required to enter username password to see the required CR for approval.

It is possible to make use of Microsoft certificate store to open below Solution manager link without need of entering username/password.

CRM_UI link:– https://<hostname>:<port>/sap/bc/bsp/sap/crm_ui_start/default.htm

Steps to follow :-

  1. Configure service (SICF)
  2. Sign SSL server PSE (Strust)
  3. Create Rule for certificate Logon  (CERTRULE)


  1. Configure service in SICF

Change security requirement from standard to SSL & save your changes


Step 2 :Sign SSL server PSE (Strust)

PSE before signing

PSE after signing by Signing Authority

3. Create Rule for certificate Logon  (CERTRULE)

Prerequisite:- Please check if SAP note 2722739 is applicable.

Add below parameter in instance profile

login/certificate_mapping_rulebased =1 

Note:- System restart is required for permanent change, however the parameter value can be changed dynamically in RZ11

Go to transaction CERTRULE

import your Microsoft store certificate. to create the rule

Go in Edit mode to create rule


if all information is correct below status will be green

Result :- The user is able to access CRM_UI url without entering username password. The credentials are verified with Microsoft certified Store information.

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.