(v12.0.9111.30500 started 2024-12-11 16:09:49 on VM2)
Keyword FWCC to forward a client certificate, Email and Issuer. If this keyword is specified and a client certificate has been received (keywords SSL and CCR and http protocol must be used): - An additional HTTP header will be inserted into the first http message of the session and transmitted to the destination. - Header name: SSL_CLIENT_CERT - Value: received client certificate (~ .CER file) - Format: Base64 encoded string, one line This is especially useful to forward credentials to SAP. In that case ApplicGate acts as a SAP Web Displatcher: See also help.sap.com In that case the Application Gateway must identify itself using a client certificate (keywords SSLTARGET and SSLCC) in order to establish a trust.
Also following HTTP headers will be inserted if a username (email) is available (from certificates, OTP, TOTP, OAuth or RADIUS): - Header name: Email, Value: email - Header name: Issuer, Value: Issuer or type of authentication
Keywords to check the transmitted values at links terminating at ApplicGate (manage, status and web). Keyword CCRF:EmailAddresses ... to check a client certificate forwarded by FWCC The user certificate forwarded in the http header SSL_CLIENT_CERT will be extracted and checked for validity and trust. - Optional keywords: ISSF, ROOF, RVMF ... same functions as keywords ISS, ROO and RVM2
Keyword CCRE:EmailAddresses ... to check the email forwarded by FWCC in the http header Email - Optional keyword: ISSE ... to check the issuer forwarded by FWCC in the http header Issuer, same syntax as keyword ISS