Solution : https://service.sap.com/sap/support/notes/1690662 (SAP Service marketplace login required)
Summary :
To ensure all inbound RFC or GUI connections are encrypted, SAP systems must use Secure Network Communication (SNC) with a Quality of Protection (QoP) level set to "Encryption". Previous configuration options like snc/accept_insecure_gui and snc/accept_insecure_rfc are insufficient for enforcing encryption on all connection methods. The solution involves importing a 721 kernel, at least patch level 33, and setting new profile parameters snc/only_encrypted_gui and snc/only_encrypted_rfc to enforce SNC encryption. These settings provide multiple levels of security, ensuring both GUI and RFC connections are secured and encrypted per stringent SNC policies.
Key words :
inbound external rfc connections, inbound internal rfc connections, earlier abap support package, parameters snc/data_protection/max, create system message snc, profile parameters snc/only_encrypted_gui, - inbound rfc connections, 1 - inbound rfc connections, snc/data_protection/min, transaction se91 manually
Related Notes :
| 1728283 | SAP Kernel 721: General Information |
| 1716826 | Usage of the downward compatible kernel 721 (EXT) |
| 1701870 | |
| 1670678 | New features in SAP GUI for Windows 7.30 |
| 1643878 | Release Notes for SNC Client Encryption |
| 1617641 | Addition of SSO feature for SNC in Logon Control |
| 1616598 | Enabling RFC password logon despite SNC |
| 1561161 |