Upload
aakash-yadav
View
100
Download
6
Tags:
Embed Size (px)
DESCRIPTION
How to setup Digital Signature in SAP using ADS and different java machine
Citation preview
R/3 and J2EE Setup for Digital Signature onForm 16 in HR Systems
© SAP 2009 / Page 2
1. R/3 - Setup1.1. Transaction code STRUST1.2. Transaction code SM59
2. J2EE - Setup2.1. Key Storage2.2. Security Provider2.3. SSL Provider
3. J2EE – Document Services Configuration3.1. Digital Signature File
Agenda
© SAP 2009 / Page 3
Before you start the setup -
1. You should be on SAP ERP 6.0 or higher Release along with Adobe DocumentServer (ADS)
2. You should have a valid digital signature available with you, in supported format.For further information, refer to –1. SAP Note 11687402. URL: https://incometaxindiaefiling.gov.in/portal/faq.do
Once these pre-requisites are met, you can start with set up needed on R/3 andJ2EE server to get digitally signed Form 16.
© SAP 2009 / Page 4
R/3 Setup – STRUST
Transaction code: STRUST1. Select the newly created ‘SSL Client SOAPClient’2. Select Edit -> Create Certificate Request3. Copy the Request and sign it (SAPNetCA)
a) Select Edit -> Import Certificate Response and saveb) Double click and select ‘SSL Client SOAPClient’ option to load the certificatec) Add ‘SSO_CA’ and ‘SAPNetCA’ to Certificate List and save
4. Export Certificate as shown in the next slide
© SAP 2009 / Page 5
R/3 Setup – STRUST
In the lower frame, select ‘Export Certificate’ option and save as ‘Base64’
© SAP 2009 / Page 6
R/3 Setup – SM59
Transaction code: SM59 -> HTTP Connection to External Server and create ADS_HTTPS
In Technical Settings tab, Target Host -> Web-Dispatcher URL, no port
Pay attention to the Path Prefix
© SAP 2009 / Page 7
R/3 Setup – SM59
In the ‘Logon & Security’ tab, maintain the sections as follows:
© SAP 2009 / Page 8
1. R/3 - Setup1.1. Transaction code STRUST1.2. Transaction code SM59
2. J2EE - Setup2.1. Key Storage2.2. Security Provider2.3. SSL Provider
3. J2EE – Document Services Configuration3.1. Digital Signature File
Agenda
© SAP 2009 / Page 9
J2EE – Key Storage
Copy the certificate you saved earlier at OS level to the NW JAVA engine, to adirectory that is accessible by the ‘J2EE_admin’ user.
We will need the certificate in the Visual Administrator.
Steps:
1. Logon to the Visual Administrator with user ‘J2EE_admin’
2. Go to Server -> Services -> Key Storagea. Create a view with the name, 'ADSCerts'.b. Choose Load option to load the certificate.c. With the same mechanism also load this certificate into the TrustedCAs view.
See next slides for screenshots…
© SAP 2009 / Page 10
J2EE – Key Storage
© SAP 2009 / Page 11
J2EE – Key Storage
© SAP 2009 / Page 12
J2EE – Security Provider
Assign the certificate to the ADSUser.
1. Go to the security provider service
2. On the User management tab, select ADSUser in the ‘Name’ field and select‘Change’ option.
3. In Certificates text box, choose ‘Add’ option
4. Assign the certificate that you have just loaded to the ‘ADSCerts’ view (SeeScreen shot)
5. Select ‘Change’ option again.
© SAP 2009 / Page 13
J2EE – Security Provider
<Back>
© SAP 2009 / Page 14
J2EE – SSL Provider
Set up the SSL provider to request the ADS User's certificate
Go to the SSL provider Service
Open the HTTPS port of the J2EE engine and go to Client authentication tab.
Add the certificate we loaded to the ‘TrustedCAs’ to the list
Ensure that you select the Request client certificate option
It should look similar to the screenshot on the next slide:
© SAP 2009 / Page 15
J2ee – SSL Provider
© SAP 2009 / Page 16
1. R/3 - Setup1.1. Transaction code STRUST1.2. Transaction code SM59
2. J2EE - Setup2.1. Key Storage2.2. Security Provider2.3. SSL Provider
3. J2EE – Document Services Configuration3.1. Digital Signature File
Agenda
© SAP 2009 / Page 17
J2EE – Document Services Configuration
Digital Signature File
You should have received a digital signature file called ‘xxxxx.pfx’ and relevantpassword.
You must copy this .pfx file, in our case “Digisign.pfx”, to the operating system ofyour J2EE server in the location as shown below:
© SAP 2009 / Page 18
J2EE – Document Services Configuration
Digital Signature File
1. In the Visual Administrator go to, Server -> Services -> Document ServicesConfiguration
2. Maintain the lower part in the right frame as follows:1. Set Type as ‘P12 Record’2. In the Alias field, enter ‘ServerSignature’3. In the P12 File field, browse and select your digital signature file4. Leave the Sha1 field blank5. Enter the password twice6. Select the Add button
See the next slide for screenshot.
© SAP 2009 / Page 19
J2EE – Document Services Configuration
© SAP 2009 / Page 20
J2EE – Document Services Configuration
Your configuration should be like below:
© SAP 2009 / Page 21
Further Information
SAP Note: 1168740 (Digital Signature for Form 16)
Further information about setup:https://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/8185
India Income Tax department website – reference to digital signature on Form 16:https://incometaxindiaefiling.gov.in/portal/faq.do
© SAP 2009 / Page 22
Copyright 2009 SAP AGAll Rights Reserved
No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained hereinmay be changed without prior notice.
Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors.
Microsoft, Windows, Excel, Outlook, and PowerPoint are registered trademarks of Microsoft Corporation.
IBM, DB2, DB2 Universal Database, System i, System i5, System p, System p5, System x, System z, System z10, System z9, z10, z9, iSeries, pSeries, xSeries, zSeries,eServer, z/VM, z/OS, i5/OS, S/390, OS/390, OS/400, AS/400, S/390 Parallel Enterprise Server, PowerVM, Power Architecture, POWER6+, POWER6, POWER5+,POWER5, POWER, OpenPower, PowerPC, BatchPipes, BladeCenter, System Storage, GPFS, HACMP, RETAIN, DB2 Connect, RACF, Redbooks, OS/2, Parallel Sysplex,MVS/ESA, AIX, Intelligent Miner, WebSphere, Netfinity, Tivoli and Informix are trademarks or registered trademarks of IBM Corporation.
Linux is the registered trademark of Linus Torvalds in the U.S. and other countries.
Adobe, the Adobe logo, Acrobat, PostScript, and Reader are either trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or othercountries.
Oracle is a registered trademark of Oracle Corporation.
UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group.
Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or registered trademarks of Citrix Systems, Inc.
HTML, XML, XHTML and W3C are trademarks or registered trademarks of W3C®, World Wide Web Consortium, Massachusetts Institute of Technology.
Java is a registered trademark of Sun Microsystems, Inc.
JavaScript is a registered trademark of Sun Microsystems, Inc., used under license for technology invented and implemented by Netscape.
SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP Business ByDesign, and other SAP products and services mentioned herein as well as their respective logosare trademarks or registered trademarks of SAP AG in Germany and other countries.
Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web Intelligence, Xcelsius, and other Business Objects products andservices mentioned herein as well as their respective logos are trademarks or registered trademarks of Business Objects S.A. in the United States and in other countries.Business Objects is an SAP company.
All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only.National product specifications may vary.
These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only,without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Groupproducts and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construedas constituting an additional warrant.