Skip to Content
0

SAP PI - PGP Encryption Module: No private key with signing capability found in...

Jun 12, 2017 at 04:18 PM

137

avatar image
Former Member

I configured the PGP module in a File type adapter in the SAP PI environment according to the SAP documentation: Configuring the Encryption PGP Module. However, the following error is occurring: "PGP Encryption Module: No private key with signing capability found in E:\usr\sap\PID\J71\sec\private_key.p12." (MessageLog.jpg;

CC_FILE_ADAPTER.jpg).

Note: The private key was exported using "sapgenpse" using the following command: "Sapgenpse export_p12 -p <certificate>.pse -z password <private_key>.p12"

I would like to know what may be wrong with the private key and how to solve it?

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Best Answer
Manoj K Jun 12, 2017 at 04:25 PM
0

Rogerio,

The .p12 key which you generate is not a PGP key pair its a SSH key pair which is used for authentication.

I don't think you can use sapgenpse to generate PGP key pair , i usually use Gnupg (https://www.gnupg.org/) tool to generate PGP key pair.

or there are many free online websites which helps you to generate PGP key pair you can use those too.

Br,

Manoj

Show 5 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Manoj,

I already have the key pair in a ".PSE" file, but the SAP PI PGP module did not recognize it as a valid private key for signing. I believe that it is necessary to export only the private key of the file ".PSE", however, I do not know how to do this, since I have already exported through the "Internet Explorer" (generated a file ".PFX") and also did not work .

Thanks!

Att.,

Rogério Coimbra.

0

Rogerio,

As i mentioned earlier the steps which were u followed are to generate SSH key for authentication they can't be used for PGP Encryption and Decryption.

I would suggest you to generate PGP key via : https://www.igolder.com/PGP/generate-key/ and store the private key in the location then test it.

Br,

Manoj

0
Former Member

Manoj,

I am very grateful for the information and even the test with the private key generated through the site "https://www.igolder.com/PGP/generate-key/" worked. However, what I need to generate is a digital signature (PKCS # 7 standard) from a digital certificate generated by a certifying authority (CA) that is the same certificate that we use to sign public document here in Brazil.

Would you like to know if this is possible through the PG PI Module?

Br.

Rogério Coimbra.

0

AFAIK , CA will sign only SSL certificates i don't think they will sign PGP or SSH key.

0
Former Member

Manoj,

I've been researching and have come to the conclusion that to sign a file in the PKCS#7 standard and convert to BASE64 I will have to develop a Java Mapping or an AFM.

Thank you!

Br.

Rogério Coimbra.

0