Risks associated with digital signatures

Similar Messages

• Loading Invoice XML IDoc with digital signature via XI into R/3

  Hi,
  I received an Invoice XML IDoc with digital signature via Mail (for test purposes) and want to load it via XI into an R/3 systeme.
  My idea is to load the Invoice XML IDoc file via the File Sender Adapter into XI and send it to the R/3 system via the IDoc Inbound adapter.
  Due to the digital signature the file looks like this:
  0‚ S      *†H†÷
      ‚ D0‚ @   1 0       +      0‚ '      *†H†÷
      ‚   ‚   ‚ –0‚ ’0‚ û      etc.
  When I load the file like this with the File Sender Adapter, an error message occurs in the XI Monitoring as the XML Parser cannot read the file due to the digital signatur (as expected).
  Has anybody an idea how I can configure the File Sender Adapter Communication Channel to be able to load only the XML IDoc and ignore the digital Signature strings?
  Thanks in advance for your support.
  Alex

  BTW
  do use the second way you need:
  Security Settings for the Sender Mail Adapter
  http://help.sap.com/saphelp_nw04/helpdata/en/27/c0524257a1b56be10000000a155106/content.htm
  and
  Key Storage Service
  http://help.sap.com/saphelp_webas630/helpdata/DE/e9/a1dd44d2c83c43afb5ec8a4292f3e0/content.htm
  apart from adapter module config
  Regards,
  michal

• PDF File with Digital Signature

  I am opening a "PDF File with Digital Signature" using Adobe Acrobat Pro 9.
  File gets opened.
  Then i choose "Preflight: option for "Report PDF Syntax issues".
  The following message is displayed:
  "An error occured while parsing a contents stream. Unable  to analyze the PDF file."
  So whats the solution for this error?

  Hi,
  I have uploaded the file on the specified link:
  http://www.filefactory.com/file/b3g5h37/n/abc.pdf

• How to create Web Service Client from wsdl with digital signature?

  Please, help me to create Web Service Client from wsdl with digital signature. I know create Web Service client from wsdl file and I know how to add digital signature to XML with jwsdp, but I don't know how to do it together.
  Thanks.

  I'm handling security wit JAX-WS handler. So I insert "manually" ws-security tag and I encrypt (and sign) message parts.
  On client side, all works fine, but on server side I obtain:
  ---Server Inbound SOAP message---|#]
  Decrypting message and rebuilding Valuees... |#]
  Starting decrypt|#]
  . dectypted.!
  --found following string: <ns1:addiziona><num1>80</num1><num2>22222</num2></ns1:addiziona>|#]
  ...MESSAGE Restored.|#]
  <?xml version="1.0" ?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ns1="http://calculator.me.org/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><soapenv:Body><ns1:addiziona><num1>80</num1><num2>22222</num2></ns1:addiziona></soapenv:Body></soapenv:Envelope>|#]
  Error in decoding SOAP Message
  Error in decoding SOAP Message
          at com.sun.xml.ws.encoding.soap.server.SOAPXMLDecoder.toInternalMessage(SOAPXMLDecoder.java:89)
          at com.sun.xml.ws.protocol.soap.server.SOAPMessageDispatcher.toMessageInfo(SOAPMessageDispatcher.java:187)
          at com.sun.xml.ws.protocol.soap.server.SOAPMessageDispatcher$SoapInvoker.invoke(SOAPMessageDispatcher.java:571)
          at com.sun.xml.ws.protocol.soap.server.SOAPMessageDispatcher.receive(SOAPMessageDispatcher.java:145)
          at com.sun.xml.ws.server.Tie.handle(Tie.java:88)
          at com.sun.enterprise.webservice.Ejb3MessageDispatcher.handlePost(Ejb3MessageDispatcher.java:160)
          at com.sun.enterprise.webservice.Ejb3MessageDispatcher.invoke(Ejb3MessageDispatcher.java:89)
          at com.sun.enterprise.webservice.EjbWebServiceServlet.dispatchToEjbEndpoint(EjbWebServiceServlet.java:178)
          at com.sun.enterprise.webservice.EjbWebServiceServlet.service(EjbWebServiceServlet.java:109)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
          at com.sun.enterprise.web.AdHocContextValve.invoke(AdHocContextValve.java:100)
          at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:566)
          at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:536)
          at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:71)
          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:182)
          at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:566)
          at com.sun.enterprise.web.VirtualServerPipeline.invoke(VirtualServerPipeline.java:120)
          at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:939)
          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:137)
          at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:566)
          at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:536)
          at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:939)
          at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:231)
          at com.sun.enterprise.web.connector.grizzly.ProcessorTask.invokeAdapter(ProcessorTask.java:667)
          at com.sun.enterprise.web.connector.grizzly.ProcessorTask.processNonBlocked(ProcessorTask.java:574)
          at com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.java:844)
          at com.sun.enterprise.web.connector.grizzly.ReadTask.executeProcessorTask(ReadTask.java:287)
          at com.sun.enterprise.web.connector.grizzly.ReadTask.doTask(ReadTask.java:212)
          at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:252)
          at com.sun.enterprise.web.connector.grizzly.WorkerThread.run(WorkerThread.java:75)
  Caused by: javax.xml.ws.soap.SOAPFaultException: Cannot find the dispatch method
          at com.sun.xml.ws.encoding.soap.SOAPDecoder.raiseFault(SOAPDecoder.java:674)
          at com.sun.xml.ws.encoding.soap.server.SOAPXMLDecoder.decodeDispatchMethod(SOAPXMLDecoder.java:152)
          at com.sun.xml.ws.encoding.soap.SOAPDecoder.decodeBodyContent(SOAPDecoder.java:337)
          at com.sun.xml.ws.encoding.soap.SOAPDecoder.decodeBody(SOAPDecoder.java:327)
          at com.sun.xml.ws.encoding.soap.SOAPDecoder.decodeEnvelope(SOAPDecoder.java:250)
          at com.sun.xml.ws.encoding.soap.server.SOAPXMLDecoder.toInternalMessage(SOAPXMLDecoder.java:81)
          ... 29 more
  |#]
  --->handleFault O_o<---|#]If you have any idea for solving my problem, then I can post my simple example :(
  Bye!

• CUP 5.3 is coming back with all risks associated with a user

  HI, i know this has probably come up in the past but i'm not finding it anywhere in the forum.  we are having a problem with CUP 5.3 provisioning as it's bringing up all risks associated with a user rather than the new ones for the role being requested.  this is especially aggravating for roles that do not have a conflict.  i'm thinking this might be a very simple answer but i'm not finding it anywhere.
  thanks
  ryan

  Ryan,
  Excuse me for the link. the problem was because a 'P' at the end
  This is the correct one: Did CUP risk analysis change with SP7?
  And, as per my knodelge, There's no way to show only the "new risks" in CUP risk analysis.
  If you want to use GRC succesfully, first you have to "get clean". Check here (Note 1593056 - Best Practices for Remediation of
  Segregation of Duties risk):
  The Risk Analysis and Remediation (RAR) application is part of the "Get Clean" methodology which is at the core of GRC Access Control. The first step of any Access Control project should be to "Get Clean" of any segregation of duties violations through the use of RAR. Once clean, Compliant User Provisioning, Enterprise Role Management and SuperUser Privilege Management are tools used to "Stay Clean".
  If you've already identified the risk, mitigate them. This is the best practise. I undertand your problem, but until you finish the "clean procedure" you should use an alternative workflow for CUP.
  Cheers,
  Diego.

• Risks associated with database refresh.

  Hi experts,
  I need to clarify a  doubt .I have a cloned SAP BW system (from another system i.e SAn to SAN copy)and then after few months after the first clone I need to refresh the database(Oracle 10 G).The reason being I will have some changes in data at the source system from where it was copied earlier.I shall be applying the application changes by tracking the transport requests(from the original system).
  I need to clarify if we don't refresh the whole system again  by SAN to SAN copy and then do  a database refresh will there be any problem .Is there any risk associated with it.
  Will the requests be available to me on the monitor with the new data or there will be some issues.
  A quick response shall be very useful.
  Shailja.

  Hello,
  Orders for Production , Maintenance, Deliveries, Transfer Order  etc. are created according to the factory calendar .
  You must be sure that all operations can be carried out in the seven days of the week (e.g. deliveries), because SAP can be scheduling aTransfer Order for a Sunday and somebody can be calling you for fixing the issue!
  The normal case is that some operations can take place in the weekend (Production, Maintenance) but other Logistic Operations ( Deliveries) are done only from Mo to Fr. If this is your case, I would create an additional seven days calendar and assign it to the work centers in Production and maintenance, but the Plant would remain linked to the old five days calendar
  Hope this can solve your issue.
  Dario

• Risks associated with changing to new Plant Calendar assigned in OX10

  Our site is considering changing the factor calendar from 5 days a week to 7 days a week in OX10 for the plant.  We curently use all supply chain modules and otc.  Can anyone tell me the warnings/risks associated with doing this?
  Thank you.

  Hello,
  Orders for Production , Maintenance, Deliveries, Transfer Order  etc. are created according to the factory calendar .
  You must be sure that all operations can be carried out in the seven days of the week (e.g. deliveries), because SAP can be scheduling aTransfer Order for a Sunday and somebody can be calling you for fixing the issue!
  The normal case is that some operations can take place in the weekend (Production, Maintenance) but other Logistic Operations ( Deliveries) are done only from Mo to Fr. If this is your case, I would create an additional seven days calendar and assign it to the work centers in Production and maintenance, but the Plant would remain linked to the old five days calendar
  Hope this can solve your issue.
  Dario

• Doc size with digital signature

  i've got 2 questions, please help:
  1) why do .pdfs with digital signatures have such large file size? how can i reduce the size?
  2) why do .pdfs with digital signature become text non-searchable?
  thnx
  brg

  actually the same signature size isn't such a problem when using Adobe software, but when using pdfCreator, the size increases... pls don't give me lectures on using another software, i need A5 and Adobe doesn't provide it...
  so i guess it's the problem within that other pdf maker...
  why i need to pdf print the file? one reason is i can print it ( otherwise signatures don' show, protection i guess), the other reason to protect the signatures that for that specific reason only need to be seen.
  thnx.
  brg

• Jar files with digital signature -pl help

  Hi there
  is there anybody who will help me guiding step by step how to create a jar file (executable) with digital signature?
  thanks in advance.

  Sorry, digital signatures have nothing to do with decompilation security. The short answer is, there's nothing you can do about it. Search the forum for 'obfuscator', a lot of people have asked the same question.
  -Ron

• Form 16 With digital signature giving adobe document corrupted output

  Dear All,
  We have configured ads and implementing form 16 with digital signature,we have done the all configuration as per SAP Guide and dezso blogs,but when generating the form 16 with digital signature its giving
  "Adobe reader could not open _xxxxx.pdf because it is either not a supported file type or corrupted,
  we have done the same configuration in dev its working fine and prd its not working,request you to please provide the solution for the same.
  as per some check list i have cheked ads_https is working fine,but when executing the report fp_pdf_test_00  with rfc ads_https its asking for user name and password,we have maintained the same user name and password for abap and java for both adsuser and ads_agent still same issue,
  pelase suggest.
  please find attached screenshot for your reference.
  Regards,
  Basis

  This can be done but you must use the Document Form var to route the signed pdf. You must configure the FormGuide submit button to 'Submit from PDF' in Guide Builder.
  Also the button on the form must be configured to submit as 'PDF' (not XDP). This change is done when you open the form in designer.
  Note that after you have submitted the signed pdf you will be dealing with a pdf subsequently.
  Attached is a sample FormGuide.

• PDF by email in 46C with digital signature

  Hi all,
  can anyone tell me if it is possible to send a PDF with digital signature from SAP in 4.6C?
  I'm converting a spool order into PDF document, and send it by email using FM SO_NEW_DOCUMENT_ATT_SEND_API1..
  Best Regards,
  Pedro

  Thanks for the reference to the digsig user guide. I've reviewed this documentation and the majority of it I had already tried however one TIP that is in this document that I hadn't seen before points to setting up a FDF file to import AD secure to easily import the ID's
  More specifically, I have configured LDAP and the Security settings in Adobe Pro and when attempting to connect to our LDAP server is when I run into the issue. I am not able to connect. Is there any additional information that you know of that can shed some light on LDAP configuration with Adobe PDF forms for digital id's?

• Problem with Digital Signature strategy in Document Managment System

  Hello ALL,
  I am facing problem with Digital Signature strategy in DMS. If any help its greatly appreciated.
  I have senario where Approvers in DMS will review the document and approve the document and put on their digitial signature. if i have multiple approvers maintained in the characterstics it has to check weather it has been approved by all approvers otherwise it has to reset the status to for approval.
  My problem is i am able to reset the status back from approved to for approval using the badi document_status01 but when the next approver logs in to the document and change the status to approved he is not able to get the digital signature pop up which it comes only first user approves it.
  can any one help me out on whats going wrong in it.
  Thanks
  Srikanth Aduri.

  Hi,
  maybe the reason for this is that the status of the digital signature is not changed. Then the system thinks that the digital signature is still completed and therefore the user is not getting the pop-up again. The database table for the digital signature for documents is TC77. I hope this information is usefull for you.
  Best regards,
  Christoph

• Issue with digital signature

  I am having a issue with digital signature in Adobe 7.
  I was able to sign the document, but my name does not appear on the signature block.  I am using a certificate that is assigned to me, but my name never appears in the “signed by” field.  I did notice that the certificate is assignedto my email address not my name; Could that be what is causing this issue?
  Thanks

  Thanks for the quick response.
  I have tried that I click on the box to show "name", but it still never shows the name......

• PDF files crashes with Digital Signature

  Hi,
  I'm using Acrobat 9.1 Pro.  My files are crashing any time I click on "sign document" to add a digital signature.  with the send error box"Adobe Acrobat 9.1 has encountered a problem and needs to close. We are sorry for the inconvenience."
  Tried several documents it is all the same. Clicking on any sub-function under the sign menue results in crashing of the file.
  Any idea what the problem is?
  Thanks,

  ...well I guess it was something wrong with my computer that caused this, had problems with my firewall/virus program also and when I got that fixed then the book download worked as it should also.
  Zevs

• SRM 7.0 (PPS ) with Digital Signature & Payment Gateway

  Hi,
  I am workng for SRM 7.0 with Procurement for Public sector. I need to confugure the Digital Signature and
  Payment Gateway for Tender Fees. who are all the Third party vendors for Digital singature and Payment Gateway.
  What is the Procedure and SPRO SRM needed in SRM 7.0
  Regards
  Ganesh

  Hi Ganesh ,
  We are using SRM 7.0 with PPS. How to configure Tender Fee payment gateway ? For that I have implemented  Enancement  /SAPPSSRM/IF_BD_TF_ONLINE_PG. But after that I am not able to get any button / link from bidder side so that link redirect to banku2019s web site. Bidder didnu2019t get u201CCreate Responseu201D button because Tender fee is mandatory and I am not able to click on button / link .Where I am doing wrong? Which coding I have to mentioned in Enhancement /SAPPSSRM/IF_BD_TF_ONLINE_PG .
  Any special authorization needed for payment gateway? If anybody send me sample code then really it will be very helpful to me. Please suggest me.
  It will be great help if you give suggestions regarding payment gateway.
  I had already open thread for it. Please reply on following thread .
  RFx Tender Fee Payment Gateway
  Thanks & Regards,
  Abhijeet