cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CSR signing by trusted CA

apu_das2
Active Contributor

on ‎09-07-2017 1:24 PM

Hi,

Can anyone provide me any link or steps how can I get my keypair signed by HCI trusted CA.

The CSR is created. How to upload this in Godaddy/Baltimore or any other trusted CA site and get it signed?

One more thing, I can't see keystore option under deployed artifacts of Eclipse now-a-days. Then, how to delpoy system.jks.

Thanks,

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

gayathri_narayana
Advisor
Advisor
‎09-07-2017 9:28 PM

Hello Apu,

Hope these below documentation links help you on the trusted CA's

https://help.sap.com/viewer/368c481cd6954bdfa5d0435479fd4eaf/Cloud/en-US/4509f605e83c4c939a91b81eb3a...

https://help.sap.com/viewer/368c481cd6954bdfa5d0435479fd4eaf/Cloud/en-US/77a609451dbd46a58991e685c37...

Now you can manage your own keystores and certificates, check this blog for more details : https://blogs.sap.com/2017/06/19/cloud-integration-keystore-monitor-now-available-for-tenant-adminis...

Regards,

Gayathri

Show replies
Show replies
gayathri_narayana
Advisor
Advisor
‎09-07-2017 9:28 PM
0 Kudos

Hello Apu,

Hope these below documentation links help you on the trusted CA's

https://help.sap.com/viewer/368c481cd6954bdfa5d0435479fd4eaf/Cloud/en-US/4509f605e83c4c939a91b81eb3a...

https://help.sap.com/viewer/368c481cd6954bdfa5d0435479fd4eaf/Cloud/en-US/77a609451dbd46a58991e685c37...

Now you can manage your own keystores and certificates, check this blog for more details : https://blogs.sap.com/2017/06/19/cloud-integration-keystore-monitor-now-available-for-tenant-adminis...

Regards,

Gayathri

Show replies
Show replies
apu_das2
Active Contributor
‎09-07-2017 10:32 PM
0 Kudos

Hi Gayathri,

Thanks for your reply. I have few doubts. Can you please clarify below to make my cxf-endpoint-IFLMAP-hcisbl green.

1) I have created one system.jks file using key explorer. Generated one key pair and generated CSR. Now, I need to sign this using one trusted CA. So I need to contact with some trusted CA and pay for the CA reply. Am I correct?

2) I need to import all 3 certificates of HCI load balance. Should I download it from below link or load balancer should have some separate URL-

https://xxxxx-tmn.hci.eu1.hana.ondemand.com/itspaces

Please reply. It's quite urgent.

JaySchwendemann
Active Contributor
‎09-08-2017 8:24 AM
0 Kudos

I also would like to know how signing the CSR from a trusted CA works in real life Scenarios.

Most of the big CAs don't actually issue real Client certificates used for authentication (correct me if I'm wrong there). So would we then Need to have an own intermediate (issuing) CA for our Company that itself is then trusted by an approved CA?

Example:

- thawte Primary Root CA - G3 (Trusted Root CA)

- Example.org Issuing (Issuing CA)

- someclient.example.org (Client Certificate)

Any insights on that from a real life perspective?

Many Thanks

Ask a Question