SAP Single Sign-On offers support for X.509 certificates. X.509 certificates are highly interoperable, supporting both SAP and 3rd party web applications and clients, including many legacy systems. You can set up your own dedicated public-key infrastructure (PKI) to issue X.509 certificates, or have the Secure Login Server software, a component of SAP Single Sign-On, issue short-lived certificates. With the Secure Login Server software, you do not need to set up a full-blown PKI with its inherent administrative processes, such as certificate revocation lists, but you can still benefit from the same level of security. Enabling this kind of scenario means that users can sign on once to gain access not only to their SAP business applications but also to many of their non-SAP applications.
Implementing SSO with X.509 Certificates and Secure Login Server
In the following video series, you will learn how you can use X.509 certificates issued by the Secure Login Server component to provide single sign-on functionality as well as secure communication for SAP GUI/browser applications and SAP NetWeaver Application Server ABAP. The videos will describe the necessary configuration step-by-step.
Part 1: Overview / Initialization (8:03 min)
Part 2: SNC Configuration (5:12 min)
Part 3: Enrollment of User Certificate (4:53 min)
Part 4: Single Sign-On via SNC (2:00 min)
Part 5: Single Sign-On via SSL (6:29 min)
For more information about SAP Single Sign-On, visit https://www.sap.com/community/topic/sso.html.