Skip to Content
author's profile photo Former Member
Former Member

EAServer security certificate question

I have a client with EAServer 6.3.1.07 Advanced Edition. They need to install a new security certificate which will change it from SHA-1 to SHA-256.

SAP tells them they need to install new SAPCRYPTOLIB.

My question is whether there is a certain patch level of 6.3.1.07 or perhaps a newer version that is required before they can install the latest SAPCRYPTOLIB and then the new SHA-256 certificate?

I'm not familiar with EAServer 6.x so if there is any info you have about this subject please reply.

Thanks,

Roland

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Best Answer
    Posted on Apr 25, 2016 at 02:19 PM

    Hi Roland

    We have installed SHA-256 certificates on EAServer 6.3.1.07 without too much of a problem. However, it is not all that straight forward. The key is that you have to install and the "certificate chain" (don't ask me what that means).

    We have instructions for the certificates we have used on our systems, If it would help I could put you in touch with my support desk to see if they can help. (PM me)

    Below are the instructions for our system, clearly the paths and file names are system dependant but the commands are the same and it may help.

    cd c:\Sybase\Shared\jdk1.6.0_12\bin\

    keytool -import -trustcacerts -alias AddTrustExternalCARoot -file C:\temp\hpb_certs_20141111\bond_certs_unpacked\AddTrustExternalCARoot.crt -keystore c:\sybase\easerver6\repository\security\keystore.jks

    keytool -import -trustcacerts -alias IntermediateCACertificate1 -file C:\temp\hpb_certs_20141111\bond_certs_unpacked\COMODORSAAddTrustCA.crt -keystore c:\sybase\easerver6\repository\security\keystore.jks

    keytool -import -trustcacerts -alias IntermediateCACertificate2 -file C:\temp\hpb_certs_20141111\bond_certs_unpacked\COMODORSADomainValidationSecureServerCA.crt -keystore c:\sybase\easerver6\repository\security\keystore.jks

    keytool -import -alias hpbbond3 -file C:\temp\hpb_certs_20141111\bond_certs_unpacked\bond_cert.crt -keystore c:\sybase\easerver6\repository\security\keystore.jks

    This installed a single certificate for our customer.

    Hope this helps.

    Al the best

    David

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jun 26, 2016 at 10:45 AM

    Hi Roland We have more than 5 years of senior engineer can part time programming´╝łpb11.5,pb12.5.2 easerver 5.5 ´╝î6.3.1´╝îpasp,db2,oracle,sql server´╝ë, charge $2/H . wzhfs@hotmail.com Regards Guang chen

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.