Digital Signature

R/3 and J2EE Setup for Digital Signature onForm 16 in HR Systems

© SAP 2009 /

1. R/3 - Setup1.1. Transaction code STRUST1.2. Transaction code SM59

2. J2EE - Setup2.1. Key Storage2.2. Security Provider2.3. SSL Provider

3. J2EE – Document Services Configuration3.1. Digital Signature File

Agenda

© SAP 2009 /

Before you start the setup -

1. You should be on SAP ERP 6.0 or higher Release along with Adobe DocumentServer (ADS)

2. You should have a valid digital signature available with you, in supported format.For further information, refer to –1. SAP Note 11687402. URL: https://incometaxindiaefiling.gov.in/portal/faq.do

Once these pre-requisites are met, you can start with set up needed on R/3 andJ2EE server to get digitally signed Form 16.

https://incometaxindiaefiling.gov.in/portal/faq.do

© SAP 2009 /

R/3 Setup – STRUST

Transaction code: STRUST1. Select the newly created ‘SSL Client SOAPClient’2. Select Edit -> Create Certificate Request3. Copy the Request and sign it (SAPNetCA)

a) Select Edit -> Import Certificate Response and saveb) Double click and select ‘SSL Client SOAPClient’ option to load the certificatec) Add ‘SSO_CA’ and ‘SAPNetCA’ to Certificate List and save

4. Export Certificate as shown in the next slide

© SAP 2009 /

R/3 Setup – STRUST

In the lower frame, select ‘Export Certificate’ option and save as ‘Base64’

© SAP 2009 /

R/3 Setup – SM59

Transaction code: SM59 -> HTTP Connection to External Server and create ADS_HTTPS

In Technical Settings tab, Target Host -> Web-Dispatcher URL, no port

Pay attention to the Path Prefix

© SAP 2009 /

R/3 Setup – SM59

In the ‘Logon & Security’ tab, maintain the sections as follows:

© SAP 2009 /




Agenda

© SAP 2009 /

J2EE – Key Storage

Copy the certificate you saved earlier at OS level to the NW JAVA engine, to adirectory that is accessible by the ‘J2EE_admin’ user.

We will need the certificate in the Visual Administrator.

Steps:

1. Logon to the Visual Administrator with user ‘J2EE_admin’

2. Go to Server -> Services -> Key Storagea. Create a view with the name, 'ADSCerts'.b. Choose Load option to load the certificate.c. With the same mechanism also load this certificate into the TrustedCAs view.

See next slides for screenshots…

© SAP 2009 /

J2EE – Key Storage

© SAP 2009 /

J2EE – Security Provider

Assign the certificate to the ADSUser.

1. Go to the security provider service

2. On the User management tab, select ADSUser in the ‘Name’ field and select‘Change’ option.

3. In Certificates text box, choose ‘Add’ option

4. Assign the certificate that you have just loaded to the ‘ADSCerts’ view (SeeScreen shot)

5. Select ‘Change’ option again.

© SAP 2009 /

J2EE – Security Provider

<Back>

© SAP 2009 /

J2EE – SSL Provider

Set up the SSL provider to request the ADS User's certificate

Go to the SSL provider Service

Open the HTTPS port of the J2EE engine and go to Client authentication tab.

Add the certificate we loaded to the ‘TrustedCAs’ to the list

Ensure that you select the Request client certificate option

It should look similar to the screenshot on the next slide:

© SAP 2009 /

J2EE – Document Services Configuration

Digital Signature File

You should have received a digital signature file called ‘xxxxx.pfx’ and relevantpassword.

You must copy this .pfx file, in our case “Digisign.pfx”, to the operating system ofyour J2EE server in the location as shown below:

© SAP 2009 /


Digital Signature File

1. In the Visual Administrator go to, Server -> Services -> Document ServicesConfiguration

2. Maintain the lower part in the right frame as follows:1. Set Type as ‘P12 Record’2. In the Alias field, enter ‘ServerSignature’3. In the P12 File field, browse and select your digital signature file4. Leave the Sha1 field blank5. Enter the password twice6. Select the Add button

See the next slide for screenshot.

© SAP 2009 /

Further Information

SAP Note: 1168740 (Digital Signature for Form 16)

Further information about setup:https://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/8185

India Income Tax department website – reference to digital signature on Form 16:https://incometaxindiaefiling.gov.in/portal/faq.do

https://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/8185

https://incometaxindiaefiling.gov.in/portal/faq.do

© SAP 2009 /

Copyright 2009 SAP AGAll Rights Reserved

No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained hereinmay be changed without prior notice.

Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors.

Microsoft, Windows, Excel, Outlook, and PowerPoint are registered trademarks of Microsoft Corporation.

IBM, DB2, DB2 Universal Database, System i, System i5, System p, System p5, System x, System z, System z10, System z9, z10, z9, iSeries, pSeries, xSeries, zSeries,eServer, z/VM, z/OS, i5/OS, S/390, OS/390, OS/400, AS/400, S/390 Parallel Enterprise Server, PowerVM, Power Architecture, POWER6+, POWER6, POWER5+,POWER5, POWER, OpenPower, PowerPC, BatchPipes, BladeCenter, System Storage, GPFS, HACMP, RETAIN, DB2 Connect, RACF, Redbooks, OS/2, Parallel Sysplex,MVS/ESA, AIX, Intelligent Miner, WebSphere, Netfinity, Tivoli and Informix are trademarks or registered trademarks of IBM Corporation.

Linux is the registered trademark of Linus Torvalds in the U.S. and other countries.

Adobe, the Adobe logo, Acrobat, PostScript, and Reader are either trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or othercountries.

Oracle is a registered trademark of Oracle Corporation.

UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group.

Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or registered trademarks of Citrix Systems, Inc.

HTML, XML, XHTML and W3C are trademarks or registered trademarks of W3C®, World Wide Web Consortium, Massachusetts Institute of Technology.

Java is a registered trademark of Sun Microsystems, Inc.

JavaScript is a registered trademark of Sun Microsystems, Inc., used under license for technology invented and implemented by Netscape.

SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP Business ByDesign, and other SAP products and services mentioned herein as well as their respective logosare trademarks or registered trademarks of SAP AG in Germany and other countries.

Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web Intelligence, Xcelsius, and other Business Objects products andservices mentioned herein as well as their respective logos are trademarks or registered trademarks of Business Objects S.A. in the United States and in other countries.Business Objects is an SAP company.

All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only.National product specifications may vary.

These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only,without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Groupproducts and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construedas constituting an additional warrant.

Digital Signature

Documents

Transcript of Digital Signature