SAP Knowledge Base Article - Preview

2771151 - Digital signature for user and organization check is missing in SAP SRM

Symptom

During RFx publishing, the purchaser user is asked to digitally sign the RFx document, just like during RFx Response submission, the bidder user is asked to digitally sign the RFx Response document as well. These activities of signing the documents can be performed by anyone's digital certificate, which is available on the given computer, even if they do not belong to the current user or the current organization. There is no checks during digital signature for user and organization.


Read more...

Environment

  • SAP enhancement package for SAP Supplier Relationship Management
  • SAP SRM, add-on for bid security and expert bid evaluation

Product

SAP SRM, add-on for bid security and expert bid evaluation all versions ; SAP enhancement package for SAP Supplier Relationship Management all versions

Keywords

EBP, SRMSTD, digital, signature, dig.sig, verification, verify, usb, token, security, browser, mac, windows, user, certificate, certify , KBA , SRM-LOC-BSE , Bid Security Enhancements , SRM-EBP-BID , Bid Invitation , SRM-EBP-QUO , Quotation, Bid , SRM-EBP-CA-SIG , Digital Signature , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.