You are using one or several SAP® plug-ins from AEB (e.g. ATC :: AES; ATC :: Compliance) and a direct Web service call of an AEB data center component (e.g. AES Engine in the AEB data center as a clearing solution, Compliance Engine hosted in the AEB data center, etc.).
The connection to the AEB data center is currently secured via a security certificate by Symantec company (formerly "VeriSign").
New security standards necessitate maintenance and updates of such certificates when accessing the AEB data center via Web service directly. As Symantec are withdrawing from the business with SSL certificates, we are forced to replace our certificates in the AEB data center accordingly. The company DigiCert, Inc. is AEB’s new SSL certificate partner.
The change of provider results in a change of the configuration of your connection with the AEB data center if it is based on a direct Web service. DigiCert has made available new intermediate certificates. We have made them available to you in the AEB Customer Portal together with a detailed description of the configuration change.
The described settings must be implemented by July 15, 2018, if this is necessary for your company. Please forward this information to your responsible SAP administrator for conducting the check and implementing any changes, if required.
There are two possible connection types for connecting with the AEB data center.
To find out your connection type, user SAP® transaction “SM30” (alternatively use transaction /n/AEB/RS or go to the ATC Cockpit – Connection settings).
Run the transaction "SM30" and open the maintenance view "/AEB/01_RS".
Should you find one or more entries with "Web service" and the target machine of the connection with "rz3.aeb.de" is specified in transaction "SM59", you are affected by the exchange of the security certificate.
If "RFC Remote Function Call" is exclusively entered here or there are no entries available, "connection type 1" is selected and you are not affected by an exchange of certificates.
1. For the update, you will need to save the following four Cer files from DigiCert on your computer.
Note: Please also consider testing and development systems that might be communicating with the AEB data center.
2. Import the new certificate in addition to the already installed certificates via the SAP® transaction "STRUST". To do so open the SAP® Trust Manager
and import the first downloaded certificate under the "SSL Client (Standard)" branch. Select "binary" as import data format.
3. Having imported the file, add the certificate to the certificate list.
Save the transaction and repeat the import for the other three certificates.
4. Save the list of certificates and distribute the certificates to all application servers:
5. Afterwards, restart the Internet Communication Manager (ICM) in the "SMICM" transaction under "Administration | ICM | Exit Soft | Global".
For more information about the SAP® SSL implementation, for example refer to the following SAP® OSS notes: 1739681, 1740744, and 1856192.
If you have any questions, please contact the AEB Services team by e-mail at support(at)aeb.com or by phone at +49 711 72842-110.