Jacob ZITTOUN

SAP DBTech JDBC: [5643]: Private key provided with own certificate is missing or invalid

Posted on Aug 19, 2016 at 12:19 PM 142 Views

Hello,

I'm learning HCP and wants to follow steps of this blog â€œPlay It Again, SAMLâ€ - How to Set Up SAML Authentication For Your SAP HANA Cloud Platform Trial InstanceI'm stucked at this step "Register the Service Provider Certificate".
Error message I receive is:

Could not execute 'ALTER PSE TrustMe SET OWN CERTIFICATE '-----BEGIN CERTIFICATE----- ...'

Please note that I'm using the existing opensap tenant database as it is not possible to create new ones per SAP HANA Cloud Platform

Can anyone help me to execute this ALTER command on my Eclipse IDE (SAP Hana Administration Console plugin) ?

Thanks

Jacob

error.png (101.7 kB)

Add a comment

2 Answers

Sort by:

Votes

Newest

Oldest

This answer has been deleted.

This answer has been undeleted.

Former Member

Posted on Aug 19, 2016 at 01:03 PM

0
Monsieur ZITTOUN,

Il doit y avoir un problème car je reçois ce mail sans être concerné !

Cordialement,

Pascal ANDRE
- Add a Comment
- Alert Moderator
- Share
Add a comment
10|10000 characters needed characters left characters exceeded
1 Comment
- Jacob ZITTOUN
  
  Aug 19, 2016 at 01:23 PM
  
  Hello Mr André,
  
  Go to my profile @Jacob ZITTOUN and click Stop email Notifications if you don't want to receive emails when I post discussions 😉
  
  Regards,
  
  Jacob
  - Like 0
  - Share
  - Alert Moderator
Comment on This Answer

Comment
This answer has been deleted.

This answer has been undeleted.

Oliver Goetz

Posted on Aug 19, 2016 at 07:20 PM

0
Hi Jacob,
the error message seems to imply that the private key is missing from the own certificate you are trying to create.
It should directly follow after the
-----END CERTIFICATE-----
line and be enclosed in the tags:
-----BEGIN RSA PRIVATE KEY-----
and
-----END RSA PRIVATE KEY-----
All this needs to be in a single long multi-line string as argument for your ALTER PSE TrustMe SET OWN CERTIFICATE statement.
Best regards,
Oliver
- Add a Comment
- Alert Moderator
- Share
Add a comment
10|10000 characters needed characters left characters exceeded
1 Comment
- Jacob ZITTOUN
  
  Aug 22, 2016 at 09:40 AM
  
  Hello Oliver,
  
  Thanks for the tip but both sections BEGIN CERTIFICATE/END CERTIFICATE and BEGIN RSA PRIVATE KEY/END RSA PRIVATE KEY were present in the ALTER PSE command 😉
  
  I finally sorted out the problem: the CN subject attribute was filled out incorrectly when generating the certificate files with openssl !!!
  
  Now a new question arises to continue my learning (section Register Your Service Provider Metadata in the IDP of the blog) : is there a way to connect to an SAP Cloud Identity Administration Console ?
  
  Thanks
  
  Jacob
  - Like 0
  - Share
  - Alert Moderator
Comment on This Answer

Comment

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.

Rules of Engagement

Know someone who can answer? Share a link to this question.

Attachments: Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.

SAP DBTech JDBC: [5643]: Private key provided with own certificate is missing or invalid

Add a comment

Assigned Tags

Related questions

2 Answers

Add a comment

Add a comment

Before answering