Professional Documents
Culture Documents
Phase 1. Enable SSF Encryption Using Sapcryptolib
Phase 1. Enable SSF Encryption Using Sapcryptolib
If SSF encryption has been configured before, please jump to Phase 2. Otherwise please follow the
procedure below for Windows platform, or Note 662340 for other platforms.
Call Tcode SSFA, and specify "Private Address Book" and "SSF Profile Name"
Click on "New Entries" - get to next screen; then select "Encryption of Paymant Card in SAP system", hit
"Enter" key and Save. The default parameters should work.
Step 2. Check the folder "Encryption of Payment Card" created in Tcode STRUST
Execute program SSF_CREATE_PSE from Tcode SE38. (We found that it is easier to call SSF_CREATE_PSE
than using Tcode STRUST for this step.) Give the distinguished name you want to use. We also selected
the longest key length for stronger security.
Call Tcode STRUST, expend "Encryption of Payment Card" on the left and double-click the item
<Server_SID_Instance> under it, then select the certificate displayed on the right (it should have the
distinguished name you gave in the previous step). The self-issued certificate could be used. If you want
to use external trust center, click on "Create Certificate Request" to get the request, and click "Improt
Cert. Response" after the certificate is generated.
Step 5. Execute report SAPFACCG in Tcode SE38 once
Call Tcode SM30 and maintain view CCARDEC_V. Add VISA, MC, and AMEX as Payment Card Type and
check "Encrypted" respectively.
Execute report CCARDEC_CHECK from Tcode SE38, only select P_TOOLS, and you should get the results
like the following