• Step by Step guide for SAP Support Backbone Update


    Prerequisites.

    All customers with ABAP-based SAP systems needs to switch to the new infrastructure before January 2020 to ensure smooth connectivity.
     

    Resolution for Solution Manager.

     
    Look at this step-by-step guide by Praveena Subramani
     
     

    Resolution for other ABAP systems.

    Step-by-step guide.

    0. Make a backup. 

    1.Technical communication user for the systems

    We must request a technical communication user for the systems ( Refer SAP Note 2174416) . (You cannot convert a regular S-user into a technical communication user.) The technical communication user is required, for example, to download digitally signed SAP Notes from Note Assistant (transaction SNOTE). Technical communication users cannot be used to log on in dialog mode, and their passwords do not expire.

    For this step, we need Handling of Technical Communication Users  here – https://apps.support.sap.com/technical-user/index.html

    A user was successfully requested.

    2.Required ST-PI and ST-A/PI Plug-In Versions for SAP NetWeaver
     
    Prerequisites:
    ● ST-PI 2008_1_7xx SP20 and higher, or ST-PI 740 SP10 and higher
    ● ST-A/PI 01T* SP01 and higher
     
    Check ST-PI and ST/PI version
     
     
     
    Download and implement actual ST-PI and ST-A/PI version in SPAM transaction
     
     
     
     
     
     
     
    3. Import certificates into STRUST transaction
     
    3.1 Download attachments from Note #2631190
     
     
    3.2.  Import certificates in STRUST transaction
     
     
     
    4. Maintan ssl/client_ciphersuites parameter in RZ11 transaction.
     
    Set ssl/client_ciphersuites = 150:PFS:HIGH::EC_P256:EC_HIGH in SAP instance profile (Dialog instance, restart is required)
     
     
    5.Update SAP Kernel to latest version including SAPCRYPTOLIB.
     
     
    6.Enabling Note Assistant for TCI and Digitally Signed SAP Notes
     
    6.1. Implement Note #2836302
    2836302 – Automated guided steps for enabling Note Assistant for TCI and Digitally Signed SAP Notes
     
     
    Objects inside (DYNP -Web Dynpro, FUNC – Functions, REPS – Reports, etc)
     
     
    7.Run Report – RCWB_TCI_DIGITSIGN_AUTOMATION (Automated guided steps for enabling Note Assistant for TCI and Digitally Signed SAP Notes)
     
     
        7.1. Implement Notes:  2508268, 2721941 (Step 10 of RCWB_TCI_DIGITSIGN_AUTOMATION Report)
     
     
     
       7.2. Configure Download Procedure for SNOTE
     
         Enable HTTP Protocol and RFC Destinations
     
    • SAP-SUPPORT_PORTAL (Type H)
    • SAP-SUPPORT_NOTE_DOWNLOAD (Type G)

    7.3. Maintain Procedure Connectivity
     
    Upload TCI Package  SAPK75000KCPSAPBASIS
     
     
    7.4. Upload Note 2827658
     
     
    7.5. Maintain Task List Run SAP_BASIS_CONFIG_OSS_COMM
     
     
     
    Step – Create HTTPS Connections for SAP Service
     
     
    7.6. Lock Procedure Configuration in Transport Request
     
     
    8.Finally Check
     
    Check download of Digitally Signed test Note 2424539
     
     
     
     
    Troubleshooting
     
    Problem.
     
    Connect to <host> failed: NIEROUT_INTERN(-93)
     
    Resolution.
     
    Check note
     
    1) The used SAProuter string to access either target hosts servicepoint.sap.com, apps.support.sap.com or notesdownloads.sap.com is too long. In the SAP_BASIS release 740 the SAP router string will be truncated after 100 Bytes.
    Example:  /H/<customer-saprouter_1>/S/sapdp99/H/<customer-saprouter_2>/S/sapdp99/H/<sapserver>/S/sapdp99/H/apps.support.sap.com/S/443   -> error
    2) The Port Number 443 of Access URL was manually change to another number, e.g. icm http or https port.
    3) The SAProuter string was copied from SAPOSS or SAP-OSS included host oss001.Therefore the target host is wrong, e.g. /H/<customer-saprouter_1>/S/sapdp99/H/<customer-saprouter_2>/S/sapdp99/H/<sapserver>/S/sapdp99/H/oss001apps.support.sap.com .
     
    Problem resolution.
     
    1) This issue has been fixed in software component SAP_BASIS release 740 SP18 or higher.
    Reduce the total length of the SAP router string in task “Create Support Portal HTTP Destination (SM59)” by
    a) using port numbers instead of service names (e.g. 3299 vs sapdp99)
    b) using IP addresses or shorter host names (e.g. 10.10.10.1)
    Example:
     /H/<customer-saprouter_1>/S/sapdp99/H/<customer-saprouter_2>/S/sapdp99/H/<sapserver>/S/sapdp99/H/apps.support.sap.com/S/443   -> error ( > 100 Bytes )
    /H/<IP_customer-SR_1>/S/3299/H/<IP_customer-SR_2>/S/3299/H/<IP_sapserver>/S/3299/H/apps.support.sap.com/S/443   -> OK ( < 101 Bytes)
     
    2) Change the Port Number / Service No. of Access URL back to 443.
    3) Delete the string “oss001″in the SAProuter string.
     
    In other words – check
    Target host for RFC destinations:
     
    SAP-SUPPORT_NOTE_DOWNLOAD
    SAP-SUPPORT_PARCELBOX and SAP-SUPPORT_PORTAL
     

    Conclusion.

    SAP Support Backbone Update procedure provided.
     
    Useful resources about this topic.
     
    CONFIGURATION GUIDE:
    Cheat Sheet – Enabling SNOTE for Digitally Signed SAP Notes and for TCI:
    2836302 – Automated guided steps for enabling Note Assistant for TCI and Digitally Signed SAP Notes:
    Digital Signature.pdf attached to Note 2576306
    SAP Support Backbone Connectivity Troubleshooting
  • 相关阅读:
    礼物(枚举,二分)
    空调(差分)
    Prefix Equality(哈希)
    py导入时段报表+清理旧文件
    php 0504
    php 0511
    php 0512
    php 0506
    php 0505
    php 0510
  • 原文地址:https://www.cnblogs.com/weikui/p/12520390.html
Copyright © 2020-2023  润新知