Certificates required during SharePoint configuration

Hi,
I would like to understand what all certificates we have to install in SharePoint servers as part of fresh installation and configuration? To my understanding, we have to import SSL web certificates for web applications using port 443/HTTPS/SSL communication.
Is my understanding correct? Any help on this certificate requirements is much appreciated.
BR, Sarath

Hi,
typically you choose to access our SharePoint through SSL. So yes, for each Web Application you will need a SSL certificate either from an internal trusted CA or a public one. You need to add it to the bindings in IIS directly.
Furthermore if you plan to use the SharePoint 2013 App Model, there are additional requirements where you typically need a wildcard certificate.
If you have any questions, please let me know.
Regards,
Dennis

Similar Messages

Certificate required during receipts

Hi Experts,
I have configured the following in SPRO---> Control key in QM Proc.
1. QM Control key created with Tick in Certificate required & Block Invoice
2. Certificate type defined with tick in all the following for
            Certi for each PO item,
            GR items,
            assigned control with certificate error: without lot: Error message; with lot: Status, No skip to Stock
            Enhanced certificate processing
            No certificate check at GR
3. Material master
    Tick in QM Proc
    QM Control key selected
   Certificate type selected
But I am not getting error in during GR & UD.
Pls help me to solve this issue
Regards,
VRMP

Have you tried using the indicator "Certifiicate check required" in the certificate type?
FF

Certificate Requirements and HTTPS configuration

if implement we https communication on configuration manager doe it mean all computers have to go through https

No you can run both http and https by adding an additional MP / DP.
http://blogs.technet.com/b/configmgrteam/archive/2012/05/25/system-center-2012-configuration-manager-r-i-p-native-mode.aspx
Some good info here:
I have used the below multiple times with no issues, it's very easy to follow.
http://sccmguy.com/2013/11/26/pki-certificates-for-configuration-manager-2012-r2-part-1-of-4-web-server-certificate/
http://www.petervanderwoude.nl/post/five-key-configuration-steps-for-implementing-internet-based-clients-in-configmgr-2012/

SSL requirements for SharePoint appps

Hello experts,
Please can SAN certificates been used for configuring SharePoint 2013 apps or the requirements will be a wild card certificates.
Thanks

Hi,
As per my understanding, you can use a SAN certificate for this.
Just make sure that you include *.appdomain.com in the SAN certificate.
Nico Martens
SharePoint/Office365/Azure Consultant

Lync 2013 certificate requirements for multiple SIP domains

Hi All,
I am engaged with a client in respect of a Lync 2013 implementation initially as a conferencing platform with a view to enabling EV functions (inc. PSTN conferencing) in the future. They initially need to support 30 SIP domains and eventually
around 100 SIP domains which is proving to be either not possible or severely cost prohibitive. Their current certificate provider, Thawte, can only support up to 25 SANs and have quoted them 5 figures. We tend to use GeoTrust as they are cheaper but they
appear to have a limit of 25 SANs. GoDaddy appear to support up to 100 SANs for a pretty reasonable cost. My questions are as follows:
Is there a way that I’m missing of reducing the number of SANs required on the Edge server?
Use aliases for access edge FQDNs - Supported by desktop client but not by other devices so not really workable
Don’t support XMPP federation therefore removing the need for domain name FQDNs for each SIP domain
Is there a way that I’m missing of reducing the number of SANs required on the Reverse Proxy server?
Friendly URL option 3 from this page:
http://technet.microsoft.com/en-us/library/gg398287.aspx
Client auto-configuration:
i.
Don’t support mobile client auto-configuration in which case no lyncdiscover.sipdomain1.com DNS records or SANs would be required.
ii.
Support mobile client auto-configuration over HTTP only in which case CNAME records are required for each SIP domain (lyncdiscover.sipdomain1.com, etc. pointing to lyncdiscover.designateddomain.com) but no SANs are required.
iii.
Support mobile client auto-configuration over HTTPS in which case DNS records are required for each SIP domain and a SAN entry for each SIP domains is also required. This is because a DNS CNAME to another domain is not supported over
HTTPS.
If the answer to 1 and/or 2 is no, are there certificate providers that support over 100 SANs?
How do certificate requirements differ when using the Lync 2013 hosting pack? I would think that this issue is something that a hosting provider would need to overcome.
Would the Lync 2013 Hosting Pack work for this customer? The customer uses SPLA licensing so I think is eligible to use the hosting pack but not 100% sure it will work in their environment given that client connections are supposed
to all come through the Edge where their tenants will be internal and also given the requirement for an ACP for PSTN conferencing.
Many thanks,

Many thanks for the response.
I was already planning to use option 3 from the below page for simple URLs to cut down on SAN requirement.
http://technet.microsoft.com/en-us/library/gg398287.aspx
What are the security concerns for publishing autodiscover over port 80? I.e. Is this only used for the initial download of the discovery record and then HTTPS is used for authentication? This seems to be the case from the following note on the below page:
http://technet.microsoft.com/en-gb/library/hh690030.aspx
Mobile device clients do not support multiple Secure Sockets Layer (SSL) certificates from different domains. Therefore, CNAME redirection to different domains is not supported over HTTPS. For example, a DNS CNAME record for lyncdiscover.contoso.com that redirects
to an address of director.contoso.net is not supported over HTTPS.
In such a topology, a mobile device client needs to use HTTP for the first request, so that the CNAME redirection is resolved over HTTP. Subsequent requests then use HTTPS. To support this scenario, you need to configure your reverse proxy with a web publishing
rule for port 80 (HTTP).
For details, see "To create a web publishing rule for port 80" in Configuring the Reverse Proxy for Mobility. CNAME redirection to the same domain is supported over HTTPS. In this case, the destination domain's certificate covers the originating
domain.”
I don’t think SRV records for additional SIP domain access edge is a workable solution as this is not supported by some devices.
As per the below article:
http://blog.schertz.name/2012/07/lync-edge-server-best-practices/
“The recommended approach for external client Automatic Sign-In when supporting multiple SIP domains is to include a unique Access Edge FQDN for each domain name in the SAN field. This is no longer a requirement (it was in OCS) as it is possible to
create a DNS Service Locator Record (SRV) for each additional SIP domain yet have them all point back to the same original FQDN for the Access Edge service (e.g. sip.mslync.net).
This approach will trigger a security alert in Windows Lync clients which can be accepted by the user, but some other clients and devices are unable to connect when the Automatic Sign-In process returns a pair of SRV and Host (A) records which do not share
the same domain namespace. Thus it is still best practice to define a unique FQDN for each additional SIP domain and include that hostname in the external Edge certificate’s SAN field”.
===================
1. Basically the requirement is to initially provide Lync conferencing services (minus PSTN conferencing) to internal, external, federated and anonymous participants with a view to providing PSTN conferencing and therefore enterprise voice services later.
2. The customer currently supports close to 100 SMTP domains and wants to align their SIP domains with these existing domains. The structure of their business is such that “XXX IT Services” provide the IT infrastructure for a collection of companies who
fall under the XXX umbrella but are very much run as individual entities.
Question:
Would you agree that I’m going to need a SAN for every SIP domain’s access edge FQDN?
Thanks.

SOAP Receiver Adapter problem (client certificate required)

My Scenario is similar to described in https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/3721. [original link is broken] [original link is broken] [original link is broken] I have two PI servers running on one machine. I am trying to post message HTTPS with Client authentication via SOAP adapter from one PI system to SOAP adapter of other PI server. I have done the following configuration.
PI Server AXD - (Client) - Receiver SOAP adapter
PI Server AXQ - (Server) - Sender SOAP Adapter.
Steps in AXD
1. I have created a certificate of AXD in the service_ssl view of key storage.
2. I have imported the AXQ public certificate in to AXD in the TrustedCAs of Key storage
Steps in AXQ
1. I have created a certificate of AXQ in the service_ssl view of key storage.
2. I have imported the AXD public certificate in to AXQ in the TrustedCAs of Key storage.
3. I have created a user in AXQ and assigned the certificate of AXD under usermangement in Security provider to this user.
4. I have added the AXD certificate under Client Authentication tab with require client certificate option checked in the SSL Provider.
5. I have assigned the user created in AXQ in the step above to the Sender Agreement.
Now when I post message from AXD with Configure Client Authentication checked (Here I have selected the certificate of AXD and view as service_ssl) I am getting the following error.
Exception caught by adapter framework: SOAP: response message contains an error XIServer/UNKNOWN/ADAPTER.JAVA_EXCEPTION - java.security.AccessControlException: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:884) at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl0_3
Any pointer to solve this problem is highly appreciated.
Thanks
Abinash

Hi Hemant,
I have couple of questions. Why do we need to import certificate for SOAP WS-Security and from where I can get it?
As far as my scenario goes I am not using message level security.
Secondly what do you mean by TRUSTED/WebServiceSecurity? I don't see any such view inside the Key Storage. I can see a view named just WebServiceSecuity though.
Also I don't have a decentralized adapter installation rather I have two separate PI instances having their own central adapter engine.
Abinash

Certificate Requirements / Best Practice for DR Pool

Good morning
I'm looking for clarification on the certificate requirements for DR. I already have both my primary pool and my DR pool built, and paired. At the time I configured there, I used two different certificates for each pool. I would really just prefer to use
one when we build the environment live.
Is there some reason I cannot just add *all* servers from both primary and DR pool into one cert as SANs? The subject name/common name of the cert doesn't *really* matter as long as both the pool FQDNs and all server FQDNs are in the Subject Alternative
Names, right?

It may work, but it's not the path Microsoft recommends:
https://technet.microsoft.com/en-us/library/gg398094.aspx. This is one of the reasons I always try use an internal certificate authority, even if I have to deploy one just for Lync, just so little items like this don't matter
much.
If it works, it's up to you. I'd base that decision on how mission critical the solution is. If it's your phone system, I'd follow Microsoft's guides to the letter so I'm not in a nightmare situation if I ever have to call Microsoft support.
If it's IM and P only, I'd be willing to let some things slide if it's saving you a lot of money.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications
This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

Receiver SOAP adapter SSL error - client certificate required?

Hi all,
Problem configuring SSL in XI 3.0 NW04 SP17....
I have followed the config steps from Rahul's excellent weblog at <a href="/people/rahul.nawale2/blog/2006/05/31/how-to-use-client-authentication-with-soap-adapter">How to use Client Authentication with SOAP Adapter</a> (my Basis team have done the Visual Admin steps) and am going through his example as it closely matches my requirement. So, I have a test receiver SOAP adapter sending messages to a web service URL defined for a sender SOAP adapter. My test scenario is:
Sender File -> Receiver SOAP -> Sender SOAP -> IDoc Receiver -> IDocs in R/3
The problem components are in italic and underlined above. My Receiver SOAP Adapter has the web service URL, Certificate Keystore Entry and View entered. If, in the Sender SOAP Adapter, I have an HTTP Security Level of HTTPS Without Client Authentication, the interface works fine (note that Rahul suggests you untick the User Authentication in the Receiver but with this Security Level, it seems to work with or without it).
The problem is when I set HTTPS With Client Authentication in the Sender. I then get the following error in the message monitor:
SOAP: response message contains an error XIServer/UNKNOWN/ModuleUnknownException - com.sap.aii.af.mp.module.ModuleException: java.security.AccessControlException: client certificate required caused by: java.security.AccessControlException: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:1111) at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl3.process(ModuleLocalLocalObjectImpl3.java:103) at com.sap.aii.af.mp.ejb.ModuleProcessorBean.process(ModuleProcessorBean.java:250) at com.sap.aii.af.mp.processor.ModuleProcessorLocalLocalObjectImpl0.process(ModuleProcessorLocalLocalObjectImpl0.java:103) at com.sap.aii.af.mp.soap.web.MessageServlet.callModuleProcessor(MessageServlet.java:166) at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:421) at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code)) at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code)) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java(Compiled Code)) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java(Inlined Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.Client.handle(Client.java(Inlined Compiled Code)) at com.sap.engine.services.httpserver.server.Processor.request(Processor.java(Compiled Code)) at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java(Compiled Code)) at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java(Compiled Code)) at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java(Compiled Code)) at java.security.AccessController.doPrivileged1(Native Method) at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code)) at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java(Compiled Code)) at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java(Compiled Code)) Caused by: java.security.AccessControlException: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:843) ... 22 more
Has anyone got any idea what this could be caused by?
Many thanks,
Stuart Richards

Have you configured the https port with that keystore entry?
Check out these links:
http://help.sap.com/saphelp_nw2004s/helpdata/en/b0/881e3e3986f701e10000000a114084/frameset.htm
http://help.sap.com/saphelp_nw2004s/helpdata/en/5c/15f73dd0408e5be10000000a114084/frameset.htm
Regards,
Henrique.

RDS Certificate Requirements

Hello, I have implemented the following RDS configuration however I am having some trouble in locating the exact SSL certificate requirements that are needed for this setup. Any help with this would be much appreciated.
Environment:
Internal Domain Name: contoso.com
External Domain Name. contoso.com
1 x server with RDS Gateway installed
1 x server with RDS Web Access installed
1 x Session Broker
2 x Session Hosts, configured in a farm with the name farm.contoso.com
Please note that the Gateway and Web Access roles are installed on seperate servers. There is no ISA/TMG server in this implementation.
I believe I require the following certifcates:
RD Gateway - Public CA Single Name certificate containing the publically resolvable name of gateway.contoso.com
Web Access - Public CA Single Name certificate containing the publically resolvable name of webaccess.contoso.com
Session Hosts - Public CA SAN certificate containg the publically resolvable name of farm.contoso.com and the servers internal FQDN of host1.contoso.com and host2.contoso.com
If possible could someone please confirm if this is correct, it would be very much appreciated.
Kind Regards.

Hi Alex,
thank you for your reply, and yes that is correct regarding DNS. I plan to purchased the following certificates for my environment based on our discussion, can you please confirm if
this is correct.
RD Gateway - 1 x public CA single subject name SSL certificate for the publically resolvable name of remote.contoso.com
RD Web Access - 1 x public CA single subject name SSL certificate for publically resolvable name of webaccess.contoso.com
Session Hosts - 1 x public CA single subject name SSL certificate for farm.contoso.com for both session hosts and RemoteApp signing
Or I could purchase 1 x SAN certificate with all of the above external namespaces? Any feedback would be much appreciated.
Kind Regards.

Steps required for cin configuration

hi,
can anybody give me the steps required for cin configuration.

Hi,
CIN Setting:
Check Calculation Procedure
In this activity, you can check and, if necessary, change existing procedures for tax calculation.
Standard settings
Calculation procedures containing the necessary specifications for the calculation and posting of taxes on sales/purchases have already been defined in the standard SAP system for certain countries. Every calculation procedure groups several tax types together into a condition type (for example, output tax or input tax) in the calculation procedure, and determines calculation rules for it.
The calculation procedure determines for which amount the individual condition types are to be calculated. This can be the base amount (total of the expense items and the revenue items) or a subtotal. The entry in column FrmLvl, determines for which amount tax is calculated.
Note
In this activity, the condition types for the check and the possible change provided in the standard system are also displayed. Here, for example, the condition calculation rule, or for which base amount the tax is calculated is determined (= condition type).
Recommendation
If possible, do not change the condition types and calculation procedures provided in the standard system. Only check the standard condition types and calculation procedures regarding whether you can use them for your requirements. If necessary, make changes.
Activities
If you cannot use the standard settings, change the condition types and calculation procedures delivered to meet your requirements.
Procedure (pricing, output control, acct. det., costing,...)
Specifies the conditions that are allowed for a document and defines the sequence in which they are used.
Example
Procedures are used, for example, in the following applications:
· Pricing in sales and distribution
· Applying overhead in Product Costing (costing sheets) and for CO internal orders
· Calculating accrued costs in Profitability Analysis
· Output control (printed confirmations, EDI messages, electronic mail)
· Account determination
· Calculating taxes on sales/purchases
· Calculating accruals in Cost Center Accounting
· Pricing for resource planning
Definition: condition type
Controlling (CO)
A distinction, in overhead calculation, is made between:
· Base condition types, which determine the object for which the overhead is to be calculated
· Overhead condition types, which define the percentage overhead to be applied
In resource planning, a condition type determines the types of resource prices that are stored in the SAP System. These can be absolute or percentage values, for example.
Real Estate Management (RE)
An exact definition of a condition that specifies the amount paid for a specific service.
Condition types include:
· Basic rent
· Advance payment for operating costs
· Pest control
Sales and Distribution (SD)
A characteristic of a condition.
For example, in pricing, different condition types are used to distinguish between a discount that refers to a net price and a discount that refers to a gross price.
Treasury (TR)
A characteristic of a condition used to classify financial transactions.
Typical examples of condition types are interest, dividends, or full repayment upon maturity. The various parameters specified for the individual condition types determine how the flows are calculated in the cash flow.
Return ->
Definition: condition_type
Condition type
The condition type is used for different functions. In pricing, for example, the condition type lets you differentiate between different kinds of discount; in output determination, between different output types such as order confirmation or delivery note; in batch determination, between different strategy types.
Access sequence
With the access sequence you define
· the condition tables used to access the condition records
· the sequence of the condition tables
· which field contents are the criteria for reading the tables
Assign Country to Calculation Procedure
In this activity, you enter the key for the calculation procedure which determines the conditions which are allowed per document and which defines the sequence of the conditions in the document for each country.
Requirements
Each calculation procedure which you enter must contain the necessary specifications for calculating and posting the taxes on sales/purchases. For more information on this, read the chapter "Create calculation procedure".
Activities
1. Assign a procedure for tax calculation to every country with which your company has business dealings.
2. Make sure that the corresponding data for calculating taxes is stored for each calculation procedure which you enter here.
Check and Change Settings for Tax Processing
In this activity you make the necessary specifications for posting taxes. In doing this you specify under a process key the following indicators:
· Tax type
Output tax, input tax, additional taxes, or "not tax-relevant" can be specified as the tax type.
· Nondeductibility of tax amounts
For this, tax amounts are marked as not deductible.
· Posting indicator
Here you specify whether the tax amount is posted separately or distributed to expense or revenue items.
· Tax not relevant to cash discount (Not discount relevant)
This indicator is set only for Canada. If you select it, the system does not take into account the corresponding tax amount when determining the tax base.
Standard settings
Process keys with the most important characteristics for tax amounts have already been set in the standard SAP system.
Recommendation
Do not change the standard settings. Check whether you can use these process keys for your company, making changes only if necessary.
Activities
If you cannot use the standard settings, use new process keys and enter them in your calculation procedure. Do not change the standard SAP process keys.
Note
You must make enhancements to the standard settings if you want to specify a new account key in the "Create calculation procedure" activity. You must create and maintain this key beforehand in the "Settings for tax processing" activity.
Internal processing key
The internal processing keys are used by the system to determine accounts or posting keys for line items which are created automatically.
The processing keys are defined in the system and cannot be changed by the user.
Definition: posting key
Financial Accounting (FI)
A two-digit numerical key that determines the way line items are posted.
This key determines several factors including the:
· Account type
· Type of posting (debit or credit)
· Layout of entry screens
Return ->
Definition: posting_key
Maintain Excise Registrations
Use
In this IMG activity, you maintain the data relating to your excise registrations.
Activities
Enter each of your excise registrations, specifying a four-character code for each.
Definition: excise registration
Financial Accounting (FI)
An entity in India that is entitled by law to produce any goods liable to excise.
Each entity is assigned its own excise registration number.
Every factory that manufactures excisable goods is required to register separately, so that a business with seven factories requires seven registrations.
Return ->
Definition: excise registration
Maintain Company Code Settings
Use
In this IMG activity, you maintain the data relating to your company codes.
Maintain Plant Settings
Use
In this IMG activity, you maintain excise information relating to your plants.
Maintain Excise Groups
Use
In this IMG activity, you define your excise groups. For each excise group, you can also control how various excise invoice transactions will work.
Definition: excise group
Financial Accounting (FI)
A unit within an excise registration, in India, which keeps its own set of excise records.
Whereas the excise registration reports to the excise authorities, the excise group is a purely internal organizational unit. Each excise group keeps records of all transactions that have to be reported to the excise authorities. When the time comes to present these records to the authorities, the excise registration compiles the information from all of its excise groups.
Return ->
Definition: excise group
Maintain Series Groups
Use
In this IMG activity, you define the different excise series groups within your company. Series groups allow you to maintain multiple number ranges for the outgoing excise documents.
Based on excise regulations and exemptions from the authorities you can maintain multiple number series for outgoing documents. But each of these series has to be declared to the excise authorities.
Activities
· Define excise series groups based on type of outgoing document
· Assign series group to excise registration ID
· If no financial postings are required for an Excise invoice in this seris group then you tick the 'No utilization' indicator.
· If the CENVAT has to be paid immediately and you need not wait for the Fort nightly payment then mark the 'Immediate Utilization' indicator.
Example
You could define two series groups, group 001 for excise invoices, and group 002 for 57 F4 documents.
Maintain Excise Duty Indicators
Use
In this IMG activity, you maintain the excise duty indicators.
Maintain Postal Addresses
Use
In this IMG activity, you maintain the addresses of various customs and excise organizations that your company deals with.
You use these addresses in the ARE Documents functions. When you create an ARE-1 or ARE-3, you enter the address of the excise department and the customs department involved in the export process. The system then prints their names and addresses on the AREs.
You can then define a default local excise department for each excise group and a default customs department for each series group.
Definition: ARE-1 document
Logistics - General (LO)
A form, in India, that companies have to fill out when they remove excisable goods from their manufacturing plants for export.
The form exempts them from paying excise duty when they remove the goods from their premises.
Return ->
Definition: ARE-1 document
Definition: ARE-3 document
Logistics - General (LO)
A form, in India, that allows companies to sell otherwise excisable goods from their premises without paying basic excise duty. The buyer of the goods must be in possession of a deemed export license.
The ARE-3 states what goods are being removed and which deemed excise license covers it.
Return ->
Definition: ARE-3 document
Maintain Subtransaction Type with Text
Sub Transaction Type
Sub transaction type is used for multiple purposes
Subcontracting:
It determines the subcontracting attributes and determines the accounts for the posting while doing a sub contracting transaction.
Excise removals
Sub transaction type is also used for determining the accounts while doing excise removals.
With in CIN the account determination is based on the transaction type. So normally you can have a single set of accounts for Excise utilization. In case you need alternate account determination for handling various scenarios you can define sub transaction types. The sub transaction types and corresponding account assignments needs to be maintained in CIN customization
Select Tax Calculation Procedure
Use
In this IMG activity, you specify which tax procedure you want to use for determining excise duties and sales taxes on input materials in India.
· If you use condition-based excise determination, use a copy of the tax procedure TAXINN.
· If you use formula-based excise determination, use a copy of the tax procedure TAXINJ.
This tax procedure also supports condition-based excise determination, so that you can work with both concurrently.
We strongly recommend that new customers use condition-based excise determination. Note that once you have started using a tax procedure, you cannot switch to another one, otherwise you will not be able to display old documents.
Definition: condition-based excise determination
Logistics - General (LO
A method that the system uses of determining excise duty in India.
This method requires you to create condition records for each combination of vendor or customer and material (and possibly other conditions).
When you create a purchasing document, the system calls the tax procedure assigned to India. The tax procedure finds all of the condition records that you have created for that combination of vendor and material.
When you create a sales document, the excise duties and sales taxes are determined by the pricing procedure (not the tax procedure).
Return ->
Definition: condition-based excise determination
Definition: formula-based excise determination
Logistics - General (LO)
A method that the system uses of determining excise duty in India.
This method was used in the Country Version India Add-On and requires you to maintain additional data in the Excise Rate Maintenance transaction, J1ID.
When you create a purchasing document, the system calls the tax procedure assigned to India. Each of the excise duties in the tax procedure has its own condition types, and each condition type is assigned to a formula. This formula instructs the system to calculate the excise duty using the data that you have maintained in the Excise Rate Maintenance transaction.
When you create a sales document, the system determines the excise duties and sales taxes using the pricing procedure (not the tax procedure).
Return ->
Definition: formula-based excise determination
Maintain Excise Defaults
Use
In this IMG activity, you define which tax procedure and pricing condition types are used in calculating excise taxes using formula-based excise determination.
Activities
If you use condition-based excise determination, fill out the CVD cond. field and leave all the others blank.
If you use formula-based excise determination, fill out all of the fields as follows:
· Enter the tax procedure and the pricing conditions that are relevant for excise tax processing.
· Specify the purchasing and sales conditions types used for basic excise duty, additional excise duty, special excise duty, and cess.
· Specify the conditions in the sales order that are used for excise rates.
· Specify the countervailing duty condition type used for import purchase orders.
See also
SAP Library -> Logistics -> Country Versions -> Asia-Pacific -> India -> Materials Management (MM) -> Condition-Based Excise Determination and -> Formula-Based Excise Determination.
Definition: basic excise duty
Financial Accounting (FI)
The main type of excise duty in India.
It is levied on a wide range of products, for example, foodstuffs, metals, jewellery, leather goods, and machinery.
Return ->
Definition: basic excise duty
Definition: additional excise duty
Financial Accounting (FI)
A form of excise duty, in India, levied on a select range of products, for the most part, textiles.
Return ->
Definition: additional excise duty
Definition: special excise duty
Financial Accounting (FI)
A form of excise duty in India on a limited number of goods, mostly luxury goods, including pan masala, sparkling waters, furs, and yachts.
Return ->
Definition: special excise duty
Definition: cess
Financial Accounting (FI)
In India, a tax on the manufacture of certain products, mostly foodstuffs.
Return ->
Definition: cess
Definition: countervailing duty
Financial Accounting (FI)
A form of excise duty imposed on imports that are subsidized by the country in which they were manufactured.
Countervailing duty (also known as CVD) is intended to make the imports more expensive, thereby redressing any competitive advantage they might have over goods produced locally.
Return ->
Definition: countervailing duty
Define Tax Code for Purchasing Documents
Use
In this IMG activity, you define a tax code for the purposes of calculating excise duty when you enter purchasing documents.
Only carry out this activity if you use condition-based excise determination.
Activities
Create a new tax code, and set the tax code type to V (input tax). Do not make any other settings for it.
See also
SAP Library -> Logistics -> Country Versions -> Asia-Pacific -> India -> Materials Management (MM) -> Condition-Based Excise Deter
Sales Tax Code
The tax code represents a tax category which must be taken into consideration when making a tax return to the tax authorities.
Tax codes are unique per country. The tax rate calculation rules and further features are stored in a table for each tax code.
Procedure
For tax-exempt or non-taxable transactions, you should use tax codes with a 0 percentage rate if the corresponding transactions are to be displayed in the tax returns.
Note
You must define new tax codes if tax rates are changed by the state. The old codes with the old tax rates must remain in the system until no more open items which use this tax code exist.
Definition: tax code
Financial Accounting (FI)
A two-digit code that represents the specifications used for calculating and displaying tax.
Examples of the specifications defined under the tax code are:
· Tax rate
· Type of tax (input tax or output tax)
· Calculation method (percentage included or percentage separate)
Return ->
Definition: tax_code
Definition: tax rate
Financial Accounting (FI)
The percentage rate used to calculate the tax amount.
Return ->
Definition: tax_rate
Assign Tax Code to Company Codes
Use
In this IMG activity, assign the tax code for purchasing documents to the company codes where it will be used.
Only carry out this activity if you use condition-based excise determination.
See also
SAP Library -> Logistics -> Country Versions -> Asia-Pacific -> India -> Materials Management (MM) -> Condition-Based Excise Determination
Classify Condition Types
Use
In this IMG activity, you specify which condition types you use for which sort of tax. Note that this only applies to condition types that you use with the new excise determination method.
The system uses this information when you create a document from another one. For example, when you enter an incoming excise invoice from a purchase order, or when you create an outgoing excise invoice from a sales order, the system determines the various excise duties in the excise invoice using the information that you have entered here.
In addition, when you create a purchasing document, the system only uses the condition types that you enter here.
· For taxes on purchases, use the condition types contained in the tax procedure.
· For taxes on sales, use the condition types contained in the pricing procedures.
Standard settings
The standard system comes with sample settings for the tax calculation procedures and pricing procedures.
Use these settings as a basis for your own.
Maintain Chapter IDs
Use
In this IMG activity, you maintain the chapter IDs and the corresponding descriptions as per the schedules published by the Central Board of Excise and Customs.
Definition: chapter ID
Logistics - General (LO)
The number given to a material in the schedules of materials published by the government of India.
The schedule lists all materials involved in manufacturing, input materials and output materials alike. It shows how much excise duty is levied on each material.
Each material in the schedule is assigned its own identification code, called "chapter ID."
Example
The schedule contains an entry for ceramic roofing tiles, which are liable to basic excise duty at 16%. The chapter ID associated with these tiles is 6903.10.
Return ->
Definition: chapter ID
Assign Users to Material Master Screen Sequence for Excise D
Use
In this IMG activity, you customize the material master data so that it shows the information relating to excise duty.
Standard settings
Country Version India comes with a screen sequence (IN) that shows the excise duty fields. You have to assign it to each of your users.
Activities
1. Double-click User Screen Reference.
2. Assign all users who need to see the excise duty information to the screen reference IN.
Example
Name Screen Reference
MISHRA IN
Screen Sequence Number
Alphanumeric key identifying the screen sequence. The screen sequence defines the sequence of information units in the material master dialog. A screen sequence is made up of data screens. For information on the screen sequences defined in the standard R/3 system, see the IMG documentation Configuring the Material Master.
Note
When creating a screen sequence, use an alphanumeric key beginning with the letter Y or Z (customer name range). This key cannot subsequently be changed.
Dependencies
You can assign screen sequences to users in the IMG activity Assign Screen Sequences to Users/Material Types/Transactions/Industry Sectors.
Screen reference depending on the user
Grouping of users that determines what screens are displayed in accordance with the user master record when you maintain material master records. It also determines the order in which the screens appear.
Definition: user master record
User and Authorization Management (BC-SEC-USR)
Record that contains important master data for a user in the SAP System.
The user master record contains the assignment of one or more roles to the user. This is how a user menu and the corresponding authorizations for the activities contained in the user menu are assigned to the user. Only users who have a user master record can log on to the system.
Return ->
Definition: user_master_record
Define Form Types
Use
In this IMG activity, you define which form types you want to record in the system. You can only use form tracking for the form types that you enter here.
Example
· Form type: CT3
· Form description: Concessional tax form
· Status: Receive
Define G/L Accounts for Taxes
Use
In this IMG activity, you specify which G/L accounts you will use to record which taxes.
Requirements
You have set up G/L accounts for each of the processing keys listed below.
Activities
Assign an account to each of the following posting keys. The accounts for VS1, VS2, and VS3 are used as clearing accounts during excise invoice verification.
· VS1 (basic excise duty)
· VS2 (additional excise duty)
· VS3 (special excise duty)
· VS5 (sales tax setoff)
· MWS (central sales tax)
· MW3 (local sales tax)
· ESA (service tax)
· ESE (service tax expense)
Specify Excise Accounts per Excise Transaction
Use
In this IMG activity, you specify which excise accounts (for excise duty and CENVAT) are to be posted to for the various transaction types. Enter all the accounts that are affected by each transaction type.
If you use subtransaction types, enter the accounts for each subtransaction type as well.
Activities
Transaction type UTLZ is used for determining accounts only while posting excise JVs and also if the payment of excise duty has to be done fortnightly.
The fortnightly CENVAT payment utility picks up the credit side accounts from the transaction types of GRPO, EWPO, and TR6C for determining the CENVAT and PLA accounts. There is no separate transaction type for fortnightly payment.
Example
Excise TT DC ind Account name
GRPO CR CENVAT clearing account
GRPO CR RG 23 BED account
GRPO DR CENVAT on hold account
Specify G/L Accounts per Excise Transaction
Use
In this IMG activity, you assign the excise and CENVAT accounts to G/L accounts.
When you come to execute the various transactions, the system determines which G/L accounts to post to by looking at the:
· Excise group
· Company code
· Chart of accounts
Furthermore, if you want separate account determination settings within an excise group, you can also use sub transaction types.
Requirements
You have already:
· Defined the G/L accounts
· Defined the excise groups
· Maintained the transaction accounts
Activities
For each excise group, assign the excise and CENVAT accounts to G/L accounts. For most businesses, one set of accounts will suffice for alltransactions.
Note
You need not remit the CENVAT to the excise department immediately, so maintain the credit account for transaction type DLFC as an excise duty interim account. This will be set off when you remit the duty.
Define Processing Modes Per Transaction
Use
In this IMG activity, you specify which processing modes the user can use in the various Incoming Excise Invoice transactions.
This way, you can tailor the transaction to what your users have to do.
Standard settings
The system comes with three standard transactions relating to the Incoming Excise Invoices function (those that are included in the role SAP_CIN). The processing modes available in these transactions are as follows:
· J1IEX_C
This transaction is for excise clerks: users of this transaction can only capture and display excise invoices.
· J1IEX_P
This transaction is for excise supervisors: they can change, display, cancel, and post excise invoices.
· J1IEX
In this transaction, users can capture and post excise invoices, as well as displaying, changing, and canceling them.
Activities
If the standard settings meet your requirements, do not do anything.
Otherwise, you can adjust the standard settings or you can create your own transactions. To do so:
1. In Maintain Transaction, create a new transaction by making a copy of one of the standard transactions. Give the new transaction a transaction code of your choice.
2. In this activity, enter data as follows:
o Tcode: The transaction code that you have just created.
o Proc. mode: Specify what the users of the transaction will do with the excise invoices.
o Active: Select this indicator to activate the setting.
Example
You might want to create a transaction that only allows users to display excise invoices.
Define Reference Documents Per Transaction
Use
In this IMG activity, you specify for each combination of transaction and processing mode which reference documents you want the users to be able to use.
Activities
If the standard settings meet your requirements, you do not have to do anything.
Otherwise, add the entries that you need to the table: For each transaction, make one entry per combination of processing mode and reference document. Activate each entry for it to work.
Definition: excise invoice reference document
Logistics - General (LO)
A document, in India, that you refer to when you enter an incoming excise invoice.
If you have already posted the goods receipt, you can use the goods receipt document as the reference document. Otherwise, you can use the purchase order (or another purchasing document, such as a be a contract or a scheduling agreement).
Example
In the SAP System, you create a purchase order for 100 bags of sand and send the order to your vendor. Two weeks later, the vendor delivers the sand, accompanied by an excise invoice.
When you enter the excise invoice in the system, you specify the number of the original purchase order: this is the reference document.
Return ->
Definition: excise invoice reference document
Maintain Rejection Codes
Use
In this IMG activity, you define the rejection codes that are used in the Incoming Excise Invoices transaction.
Activities
For each rejection code, enter a code and a description. You can also specify whether the excise duty in the invoice is to be posted to the CENVAT on hold account, instead of the CENVAT clearing account.
Specify Which Movement Types Involve Excise InvoicesUse
In this IMG activity, you specify which movement types relating to goods receipts involve excise invoices.
The system uses this information during the goods receipt procedure. When you post a goods receipt using one of the moevement types that you have specified here, the system prompts you to enter the excise invoice number.
Note
This option cannot be used for processing goods receipts without purchase orders.
Maintain Default Excise Groups and Series Groups
Use
In this IMG activity, you specify which excise group and series group you want to appear in these fields by default. You can make separate settings for different combinations of sales organization, distribution channel, division, and shipping point.
Activities
This activity is optional, unless you want the system to automatically create outgoing excise invoices when you create a customer invoice.
In this case, you must also make the appropriate setting in Customizing for Excise Duty, by choosing Basic Subcontracting Attributes
Use
The subcontracting attributes help determine conditions for a combination of an excise group, a transaction type, and a subtransaction type.
The conditions such as the number of excise items per subcontracting challan, if the nonexciseable materials have to be filtered or not when the subcontracting challan is created, the movement type groups for issues and receipts and the hierarchy of determining the excise base value are mentioned here.
Requirements
Before you continue with this activity, work through the following activities:
· Materials Management -> Inventory Management and Physical Inventory -> Goods Issue / Transfer Postings -> Define Screen Layout.
For the movement type 541, maintain the field Purchase Order as an optional entry or as a required entry.
· Materials Management -> Inventory Management and Physical Inventory -> Output Determination ->Maintain OutputTypes.
Maintain the output type. On the Default Values tab, maintain the dispatch time and the transmission medium. Maintain the print parameter on the Print tab. This output type has to be maintained in this activity here.
· Materials Management -> Inventory Management and Physical Inventory -> Output Determination ->Assign Forms andPrograms.
Maintain the Program, FORM routine, and the form for the output type.
· Materials Management -> Inventory Management and Physical Inventory -> Output Determination ->Printer Determination -> Printer Determination by Plant / Storage Location.
Enter the output device that you use.
Settings -> Maintain Excise Groups, and selecting Create EI (Create Excise Invoice Automatically).
Maintain Movement Type Groups
Use
In this IMG activity, you group movement types together to form movement type groups.
Definition: movement type
Inventory Management (MM-IM)
A classification key indicating the type of material movement (for example, goods receipt, goods issue, physical stock transfer).
The movement type enables the system to find predefined posting rules determining how the accounts of the financial accounting system (stock and consumption accounts) are to be posted and how the stock fields in the material master record are to be updated.
Return ->
Definition: movement type
Utilization Determination
Use
In this IMG activity, you specify which CENVAT accounts are to be debited by the Fortnight Utilization of CENVAT report: When the report calculates how much excise duty you must remit, it automatically proposes which CENVAT accounts the duty should be debited to. Here, you specify those defaults.
You can either:
· Debit all the excise duty to one account
· Debit the excise duty to more than one account, in which case you specify which percentage is to be debited to each account
Example
If you want 50% of basic excise duty (BED) to be debited to the RG 23A account and the remaining 50% to the RG 23C account, you would make the following settings:
Acct name BED perc.
RG 23A BED account 50
RG 23C BED account 50
Alternatively, to debit all of the BED to the RG 23A account, and then RG 23C account, if there is not enough in the RG 23A account, you would make the following settings:
Acct name BED perc. +
RG 23A BED account X
RG 23C BED account X
When you come to run the report, the system takes the RG 23A account because it is the first one you have entered. If this account does not cover the BED, the system takes the RG 23C account instead.
Maintain Minimum Balances for Excise Accounts
Use
In this IMG activity, you can maintain minimum balances in your excise accounts. When the balance in these accounts during utilization falls below this level, the system automatically utilizes funds in the PLA account.
Activities
Maintain the minimum balance amount for the excise accounts. If you have more than one excise group, you can maintain different minimum balances.
Specify SAPscript Forms
Use
In this IMG activity, for each of your company codes, you specify which SAPscript forms the system prints the excise registers with.
Standard settings
Country Version India includes a number of sample SAPscript forms and printing programs, which you can use as follows:
Reg. name Lay. no. Form Tcode/Prog
RG 23A Part I 1 J_2IRG23A_PART1 J_2IRAP1
RG 23C Part I 1 J_2IRG23C_PART1 J_2IRCP1
RG 23A Part II 1 J_2IRG23A_PART2 J_2IRAP2
RG 23C Part II 1 J_2IRG23C_PART2 J_2IRCP2
PLA 1 J_2I_PLA J_2IPLA
RG 23 D 1 J_2I_RG23D J_2IRG23
RG 1 1 J_2I_RG1 J_2IRRG1
RT 12 1 J_2I_RT12_ABSTRA J_2IRT12
RT 12 1 J_2I_RT12_ABSTRA J_2IRT12
RT 12 1 J_2I_RT12_3 J_2IRT12
The layout description can be left blank or an appropriate description maybe filled in. You may not change the register name. You can have your own layouts and maintain the name here. If the output device and number of copies are maintained it is automatically picked up for printing.
Number Ranges
You can maintain the number ranges for all CIN Number range objects using this transaction
Activities
Please maintain the number ranges for the folllowing objects The no nr has to be '01' for all
1. j_1iintnum
At an Excise group
1. j_1irg23a1
2. j_1irg23a2
3. j_1iRG1
4. j_1irg23c1
5. j_1irg23c2
6. j_1ipla2
7. j_1iintpr2
8. j_1irg23d
9. j_1irg1_t ( material level)
10. j_1iconpla ( if Consolidated PLA is used )
At Series group
1. j_1iexcloc
2. j_1iexcexp
3. j_1idepinv
4. j_1i57Fc ( 57F Challans

Re: Quality Certificate requirement At MIGO for raw material

Dear all,
I have a requirement where I want the system ask for Quality certificate while doing the goods receipt. The system should not allow me to process the transaction-MIGO if certificate is not recieved.
Please advice
Regards,
Vivek Sharma

Hi Vivek,
You need to perform following settings.
Configuration
Follow the path
Run trx QCC0->QM in Logistics->QM in Procurement-->Define Control Keys.
Here create your own control key
Where you can set the rest data as per your requirement but for to check the check box for "Cert Required" is must be activated to meet the requirement relevant to this thread.
Save
Say you have configured your Control Key ZZ01
Now just below this one small configuration is mandatory is Run trx QCC0->QM in Logistics->QM in Procurement-->Define Keys for Certificate Processing
Maintain Description
Execute it and go to "Define Certificate Types"
Here either for your relevant certification type or for new type (if you wish to create new), maintain the data as below
"Certificate Required for Each Purchase Order Item" ==== Active
"Certif. per GR Item" ==== Active
"Certif. check required" ==== Active
"Control W/O Certif." Set any error message, I would suggest to select "Without lot error message, with lot error message"
"Enhanced cert. processing" ==== Don't Activate
"No certif. confirmation at GR" ==== Don't Activate
The rest settings are not important to maintain so leave them blank.
At Master Level
In QM view of MM for the material maintain "QM Control Key" that just created "ZZ01"
and the certificate type that is just created or amended. under the procurement data.
Maintain Q-Info record for Material - Vendor - Plant combination (QI01)
Now as per your requirement system will ask for the confirmation for certificate receipt as Yes/No. under the Purchase Order data in MIGO at item level data.
If you select "NO" to it it will not allow to post the GR.
I hope this is what you were looking for.
Regards,
Shyamal

Can't find SSL certificate in SQL server configuration manager?

Hi
It's been 2 days and I need a help. I have visited a number of sites and I still can't make it work
Two severs I have: Windows 2012 Standard with SQL 2008 R2 and SQL 2012
I am trying to set it up on SQL 2008 R2 right now.
I have a certificate from a CA and did the followings.
1. Open MMC
2. Add Certificates Snap-in as a computer account (In fact, I tried all the three accounts)
3. Right click-on Personal folder and All taks and Import
4. Installed the certificate with Certificate import Wizard
5. The certificate shows up under Personal/Certificates and Trusted Root Certification Authorities/Certificates
I did this with a local administrator account as well as MSSQL account(SQL Server service account I created). Even though the server is part of domain, SQL server is set up with local accounts.
This is a simply summary. I tried everything in the article such as 'Create Custom Request'.
I am not sure what I am missing. Why can't I see the certificate in SQL Server configuration manager?
I even made MSSQL (service account) as administrator. Not working.
as I am not using the domain service account, I believe below is not relevant.
Missing detail on "Install a certificate in the Windows certificate store..."
When following recommended security procedures and running SQL server under a domain service account, the service will fail to start after assigning a certificate to the protocols. This is because the service account does not have permissions to read
the private key. Fix this in the Certificates MMC snap-in (preferably right after installing the certificate.) Select the certificate you just imported, then in the Action menu select "Manage private keys." Grant the domain service
account read access to the private key of the server certificate.
Below is the few of reference I looked at..
https://support.microsoft.com/en-us/kb/316898/
https://msdn.microsoft.com/en-us/library/ms191192(d=printer).aspx
https://technet.microsoft.com/en-us/library/ms189067(v=sql.105).aspx
http://www.mssqltips.com/sqlservertip/3299/how-to-configure-ssl-encryption-in-sql-
http://blogs.msdn.com/b/sqlserverfaq/archive/2010/05/28/inf-permissions-required-for-sql-server-service-account-to-use-ssl-certificate.aspx

Hi Dinesh
Thanks for the reply.
I did looked into the both sites as well. but it did not work.
Below is the step to install SQLs server certificate. and I was stuck with Step 9. when click 'next' in the wizard, I am not getting into a place to select 'computer' as certificate type.
Do you know what is wrong please?
Open the Microsoft Management Console (MMC): click Start, then click Run and in the Run dialog box type: MMC
On the File menu, click Add/Remove Snap-in...
Select Certificates, click Add.
You are prompted to open the snap-in for your user account, the service account, or the computer account. Select the Computer Account.
Select Local computer, and then click Finish.
Click OK in the Add/Remove Snap-in dialog box.
Click to select the Personal folder in the left-hand pane.
Right-click in the right-hand pane, point to All Tasks, and then click Request New Certificate...
Click Next in the Certificate Request Wizard dialog box. Select certificate type 'Computer'.
You can enter a friendly name in text box if you want or leave it blank, then complete the wizard.
Now you should see the certificate in the folder with the fully qualified computer domain name

GR with quality certificate required

Hi All,
I have set certificate require in my PO. During GR, it will prompt me whether I have receive my certificate. If no system will post the stock into block stock as I did not active quality inspection lot. So if I have receive the certificate after GR, will this stock be posted to unrestricted stock automatically ? Or I need to do a manual transfer posting?
Please kindly advice.

Hi,
After you get quality certificate you need to do transfer posting. According to my knolwedge system won't post the stock to unrestricted stock automatically. Thanking you.

AD Certificate Services CRL & AIA configuration

I'm prototyping a two tier PKI setup as a prerequisite to SCCM 2012 R2. In this setup I have on offline root CA (not domain joined) and two subordinate Enterprise Issuing CAs with AD Certificate Services installed. I have the Online Responder
service installed and configured on both Issuing CAs. I'm using the Online responder to sync the two using the Array Configuration. I also plan to load balance the two OCSP responder service systems using an address like
http://pki.contoso.com/ocsp . However, I'm a little confused about how the CDP and AIA locations should be configured on each of the three systems since I've read so much seemingly contradictory information.
Here's the CDP & AIA settings for the three systems:
MyRootCA1-CDP
C:\Windows\system32\CertSrv\CertEnroll\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl
<CRLNameSuffix><DeltaCRLAllowed>.crl">http://MySubCA01.contoso.com/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl
,CN=AIA,CN=Public">ldap:///CN=<CATruncatedName>,CN=AIA,CN=Public
Key Services,CN=Services,<ConfigurationContainer><CAObjectClass>
_<CaName><CertificateName>.crt">http://MySubCA02.contoso.com/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt
MySubCA01-CDP
C:\Windows\system32\CertSrv\CertEnroll\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl
<CRLNameSuffix><DeltaCRLAllowed>.crl">file://MySubCA01.contoso.com\pki\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl
MySubCA01-AIA
,CN=AIA,CN=Public">ldap:///CN=<CATruncatedName>,CN=AIA,CN=Public
Key Services,CN=Services,<ConfigurationContainer><CAObjectClass>
http://pki.contoso.com/ocsp
MySubCA02-CDP
C:\Windows\system32\CertSrv\CertEnroll\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl
<CRLNameSuffix><DeltaCRLAllowed>.crl">file://MySubCA02.contoso.com\pki\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl
MySubCA02-AIA
,CN=AIA,CN=Public">ldap:///CN=<CATruncatedName>,CN=AIA,CN=Public
Key Services,CN=Services,<ConfigurationContainer><CAObjectClass>
http://pki.contoso.com/ocsp
I haven't seen any issues. Since I've cobbled the configuration from different sources, I just want to get some feedback and know that the configuration is appropriate for the design.
Thanks in advance.

See this:PKI Certificate Requirements for Configuration Manager

Trading partner required during clearing of Customer

Hi,
System is not allowing to clear two line items which is open in customer Account.
First document is posted with reconciliation account which is generally used for external customer for which trading partner is not required during document posting. Then we changed the reconciliation account which is used for internal customer for which Trading partner is required, but during document posting system did not capture any trading partner. No trading partner captured during both the document posting.
When we are trying to clear both these document using F-32 , now system asking for a trading partner.
Can any one suggest, how to clear both these document?
Thanks in Advance,
L Nayak

Dear Nayak
Add trading partner in the customer master before clearing the account in cust code f-32. The trading partner is available in Control data of the cust master
Regards
Saroj

Certificates required during SharePoint configuration

Similar Messages

Maybe you are looking for