Skip to Content
Aug 14, 2015 at 05:39 PM

SFTP Sender adapter with Private key


Hello Every one

Client SFTP server ------> SAP PI SFTP( sender adapter ) -----> SAP(AL11 directories)

We are trying to connect third party SFTP server by using SFTP sender adapter in SAP PI and pass the files to SAP AL11 directories

client dont want to use Username and pwd authentication over SFTP

They want to use SFTP private keys.

I have gone through the below document to do SSH authentication, but finding it difficult to understand few things, i am writing this to get a clear understanding of the below document.

Generating SSH Keys for SFTP Adapters - Type 1 - Process Integration - SCN Wiki

After generating the below files, please explain the below.




Do we need to store the files any where else?

  1. why are we generating these files

2. Use Open SSL to Create X.509 and P12 Certificates?what does this mean exactly, are we creating X509 certificate from the private key(private_key.pem), are we converting .pem to X509? if so,why we need to do that?

3. Create the PKCS type 12 Keystore? provide the password (which will be used in channel configuration)? in channel where we maintain the pwd

4. The created key would be in encrypted (binary) form?...

openssl pkcs12 -export -in x509_certificate.pem -inkey private_key.pem -out sftp_keystore.p12 what does this mean exactly? are we converting or renaming./are we changing the format

5. why we need to import sftp_keystore.p12, why dont we import private_key.pem in NWA?

6. Copy the public key in to SSH Server via SFTP

why we need to copy public_key to SSH server and where does this SSH resides?

7. Login to SSH server verify the copied public key

since the public key does not have any permissions, change it to 400 (for read)

use ssh-keygen tool to create openSSH format public key? What does this mean...?

add the created openSSH public key to authorized_keys filles? what does this mean...?

8. Check the permissions of .ssh folder and authorized_keys file for access permissions

9. From the above example in SFTP sender channel what do i need to choose for private key view and private key entry?

Please explain the above if anyone worked on it.....

Thanks in advance