Skip to Content

How to import SSL server PSE file into system


We have made a systemcopy and actually wants the SSL server certificate and the SSL Server PSE to be the same (same keypair and content=certificate) as in the source-system for the system copy.

After creating the systemcopy we (by mistake) created a NEW SSL Server PSE using transaction STRUST!

Now we wants to overwrite this with the original SAPSSLS.pse file, which we have.

Actually we manages to do a PSE -> Import in transaction STRUST and are prompted for the password for this PSE file. And after entering the password we can see the correct DN in screen section "File" and the correct certificate in the screen section "Certificate". But it is not save in the database - as soon as we navigate away and back again these data is NOT saved in the "SSL Server" folder of STRUST.

Any ideas


Tom Bo

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Mar 12, 2008 at 01:38 PM

    Hello Tom,

    In your /usr/sap/<SID>/DVEBMGS<INSTANCE>/sec , your system should create a copy of every PSE it modifies.

    it creates a copy of the .PSE file with name as tempXXXXX.pse, this is some sort of version management the system keeps.

    So you need to login into the Operating System and check the above mentioned directory for any tempXXXX.pse files.

    Use the program sapgenpse program to list the keypairs contained in each of the tempXXXX.pse files.

    you should be able to find the original one, when you find it, simply copy that one and name it as SAPSSLS.pse.

    NOTE: if you don't find any of the files in the above mentioned directory, better scrap the PSE and start the way you configured your source system.



    Add comment
    10|10000 characters needed characters exceeded

    • Hi Siddhesh

      We have a copy of the original PSE file, but this doen't seem to be enough. We have tried to copy it (as SAPSSLS.pse) to the sec directory and restart the system, but when you runs transaction STRUST the data from this PSE is not shown.

      I think that this has two sides: A database side and a PSE file side and they have to correspond somehow.



  • avatar image
    Former Member
    Jun 28, 2013 at 08:45 AM

    Tom, you will have to save after importing by selecting PSE>Save as and select correct option, based on your description (SAPSSLS.pse) it would be "SSL Server".

    Add comment
    10|10000 characters needed characters exceeded