cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

EAServer security certificate question

Go to solution
Former Member

on ‎04-25-2016 2:17 PM

0 Kudos

I have a client with EAServer 6.3.1.07 Advanced Edition. They need to install a new security certificate which will change it from SHA-1 to SHA-256.

SAP tells them they need to install new SAPCRYPTOLIB.

My question is whether there is a certain patch level of 6.3.1.07 or perhaps a newer version that is required before they can install the latest SAPCRYPTOLIB and then the new SHA-256 certificate?

I'm not familiar with EAServer 6.x so if there is any info you have about this subject please reply.

Thanks,

Roland

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎04-25-2016 3:19 PM
0 Kudos

Hi Roland

We have installed SHA-256 certificates on EAServer 6.3.1.07 without too much of a problem. However, it is not all that straight forward. The key is that you have to install and the "certificate chain" (don't ask me what that means).

We have instructions for the certificates we have used on our systems, If it would help I could put you in touch with my support desk to see if they can help. (PM me)

Below are the instructions for our system, clearly the paths and file names  are system dependant but the commands are the same and it may help.

cd c:\Sybase\Shared\jdk1.6.0_12\bin\

keytool -import -trustcacerts -alias AddTrustExternalCARoot -file C:\temp\hpb_certs_20141111\bond_certs_unpacked\AddTrustExternalCARoot.crt -keystore c:\sybase\easerver6\repository\security\keystore.jks

keytool -import -trustcacerts -alias IntermediateCACertificate1 -file C:\temp\hpb_certs_20141111\bond_certs_unpacked\COMODORSAAddTrustCA.crt -keystore c:\sybase\easerver6\repository\security\keystore.jks

keytool -import -trustcacerts -alias IntermediateCACertificate2 -file C:\temp\hpb_certs_20141111\bond_certs_unpacked\COMODORSADomainValidationSecureServerCA.crt -keystore c:\sybase\easerver6\repository\security\keystore.jks

keytool -import -alias hpbbond3 -file C:\temp\hpb_certs_20141111\bond_certs_unpacked\bond_cert.crt  -keystore c:\sybase\easerver6\repository\security\keystore.jks

This installed a single certificate for our customer.

Hope this helps.

Al the best

David

Show replies
Show replies
Former Member
‎04-26-2016 2:31 AM
0 Kudos

Thanks for letting me know that 6.3.1.07 would work OK. I was able to get it working without installing any patches or even the SAPCRYPTOLIB that SAP told them to install.

Former Member
‎04-26-2016 11:42 AM
0 Kudos

Glad I was able to help Roland.Good Job!

Regards

David

Answers (1)

Answers (1)

former_member543958
Discoverer
‎06-26-2016 11:45 AM
0 Kudos

Hi Roland We have more than 5 years of senior engineer can part time programming(pb11.5,pb12.5.2 easerver 5.5 ,6.3.1,pasp,db2,oracle,sql server), charge $2/H . wzhfs@hotmail.com Regards Guang chen

Show replies
Show replies
Former Member
‎06-26-2016 3:14 PM
0 Kudos

I already got it going.

arnd_schmidt
Active Contributor
‎06-27-2016 2:31 PM
0 Kudos

2$ per hour.... That's fair 😉

former_member543958
Discoverer
‎06-29-2016 9:13 AM
0 Kudos

If you have a project, we do outsourcing in China, the price and quality are reasonable.

Ask a Question