Setting Trust Between Systems

Trust relationships enable you to establish secure connections between known servers whose identity can be confirmed by a signed certificate. For integrating SAP S/4HANA Cloud and SAP Commerce Cloud, you’ll set up the trust relationships between SAP S/4HANA Cloud and Cloud Integration, and trust relationships between Cloud Integration and SAP Commerce Cloud. That means you need to download the certificate of the Cloud Integration tenant via a web browser and import it to SAP S/4HANA Cloud. Once the Cloud Integration certificate is installed on SAP S/4HANA Cloud, the SAP S/4HANA Cloud server can identify and trust the Cloud Integration server and allow it to securely connect to SAP S/4HANA Cloud. The same is applies for Cloud Integration and SAP Commerce Cloud.

Trust relationships enable you to establish secure connections between known servers whose identity can be confirmed by a signed certificate. You need to download the certificate of the Cloud Integration tenant via a web browser and import it to SAP S/4HANA Cloud. Google Chrome is used as the default browser.

1. Access Cloud Integration using the following format URL:

   Link: https://<tenant management node>/itspaces

2. In the browser bar, choose the lock icon and then Certificate (Valid) of your secure connection.
3. In the Certificate dialog box, go to the Details tab.
4. Choose Copy to File.
5. In the Certificate Export Wizard dialog box, choose Next.
6. Select Base-64 encoded X.509 (.CER) and choose Next.
   Note

   Certificates can be exported in a variety of file formats.
7. Specify the name of the file, and save it to the desktop by default. Choose Next.
8. Choose Finish. A message tells you that the export was successful.

After successfully downloading the certificate, it must be uploaded to SAP S/4HANA Cloud. Use the following steps to achieve this.

1. Log on to your SAP S/4HANA Cloud system as an administrator.
2. Open the Maintain Certificate Trust List. Your user needs to have the SAP_BR_ADMINISTRATOR Business Role.
3. Next to the Certificate Trusts table, choose to add using the + icon.
4. In the Upload Certificate dialog box, browse for the SAP Cloud Integration certificate that you've downloaded, and choose Upload. A system message informs you that the certificate has been uploaded.
   

To maintain a trust relationship between Cloud Integration and SAP Commerce Cloud, you need to download the Cloud Integration certificate, then upload it to SAP Commerce Cloud from the SAP Commerce Cloud Portal.

Once the Cloud Integration certificate is uploaded, your SAP Commerce Cloud environments can reference and deploy it to the SAP Commerce Cloud cluster containers. To be specific, the SAP Cloud Integration certificate will be installed in the Java Virtual Machine (JVM) trust store of the containers running in the SAP Commerce Cloud Kubernetes (K8S) cluster.