cancel
Showing results for 
Search instead for 
Did you mean: 

Digital signature SFTP channel:No private key with signing capability found

Former Member
0 Kudos

Hi Experts,

I am trying to digitally sign messages being sent to the SFTP server using the PGP modules and I am getting the below error :

PGP Encryption Module: No
private key with signing capability found in
/usr/sap/<SID>/<instance>/sec/<sid>_private_key.key.  (<sid>_private_key.key is the name of the private key file given by me )

I have followed the instructions in "Generating SSH Keys for SFTP Adapters - Type 2 - Process Integration - SCN Wiki".

Please see the below screen capture of the channel configuration.Quick help will be much appreciated, I also tried exporting the private key from NWA key storage, imported it in the /usr/sap/<SID>/<instance>/sec/ directory and calling that key in the module but same is the result.

I tried checking the XPI_INSPECTOR logs as well but no futher information is available there.

Thanks & Regards,

Harish.

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hi Guys...My issue has been solved long back but just wanted to update this discussion so that it may help others.

It was a very silly mistake from my end, I used SXDA_TOOLS transaction to upload the "Key" file and the encoding of the file was changed.

Inspite of facing similar issues in the past, I did not use direct upload via FILEZILLA or WINSCP.

Please use one of the file transfer tools or upload it via some ABAP report as a ZIP file and then UNZIP it using RSBDCOS0 report at OS level.

Harish
Active Contributor
0 Kudos

Hi,

good to hear that your problem is solved. Please close the discussion as well.

regards,

Harish

Answers (2)

Answers (2)

Former Member
0 Kudos

Any help here please, points will be awarded for a helpful answer .

Harish
Active Contributor
0 Kudos

Hi,

In one the link they define the key path in Module paramter, please try to define the key path.

Regards,

Harish

Harish_Kintali
Explorer
0 Kudos

But that is only needed if I am not uploading the private key in the default folder, /usr/sap/<SID>/DVEBMGS00/sec.I have checked the channel logs as well and it took the right path and the correct key file.

Harish
Active Contributor
0 Kudos

Hi,

If there is no issue with the path, then only thing you can check is certificate key.

Regards,

Harish

Harish
Active Contributor
0 Kudos

Hi,

your error is "The file specified in the parameter ownPrivateKey does not contain an appropriate private key.". Please check the path of private key and try to define in module configuration.

Please also check the below discussion

Regards,

Harish

Former Member
0 Kudos

Hi Harish,

I am having some other issues in verifying it with the SFTP server (via putty) so currently I can't verify the private key with the sftp server.Is there any other way I can verify the correctness of the key ?

I exactly followed the same procedure as in the link (type 2) above.I tried some online tools to check if the private and public key are matching.

Also I have got the certificate signed via "Sap's test CA certificate", is it a case that SAP's test CA certificate has no such SIGNING capability ?