We are currently using x509 certificate based SSO for accessing ABAP (SNC) and JAVA (SSL) stacks for different SAP components. The x.509 certificates are generated with the windows name of the user.
The organization is implementing Adobe Document Signing for which they are generating certificates specifically for users for Document Signing based on there windows user name. Many a times a user selects the SecureLogin certificate instead of the correct Document signign certifcate within Adobe when digitally signing documents.
The question we have is, what are the "Keyusage" types required for SSO to work for our SAP components (ABAP / Java)? We are currently using the defaul certifcate template which has "DigitalSignature | NonRepudiation | KeyEncipherment | DataEncipherment" selected.
The thought is if that is removed from the SecureLogin Certificate template, it may not be presented to these Adobe users as an option.
Below is a screenshot of the Key Usage for securelogin certificate
Below is a screenshot of the Key usage for Document signing certificate.
Appreciate the groups expert opinions on this.
Thanks.