cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to import SSL server PSE file into system

tombo_larsen
Active Participant

on ‎03-11-2008 8:43 PM

0 Kudos

Hi

We have made a systemcopy and actually wants the SSL server certificate and the SSL Server PSE to be the same (same keypair and content=certificate) as in the source-system for the system copy.

After creating the systemcopy we (by mistake) created a NEW SSL Server PSE using transaction STRUST!

Now we wants to overwrite this with the original SAPSSLS.pse file, which we have.

Actually we manages to do a PSE -> Import in transaction STRUST and are prompted for the password for this PSE file. And after entering the password we can see the correct DN in screen section "File" and the correct certificate in the screen section "Certificate". But it is not save in the database - as soon as we navigate away and back again these data is NOT saved in the "SSL Server" folder of STRUST.

Any ideas

BR

Tom Bo

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

anu_s4
Explorer
‎06-28-2013 9:45 AM
0 Kudos

Tom, you will have to save after importing by selecting  PSE>Save as and select correct option, based on your description (SAPSSLS.pse) it would be "SSL Server".

Show replies
Show replies
former_member185954
Active Contributor
‎03-12-2008 1:38 PM
0 Kudos

Hello Tom,

In your /usr/sap/<SID>/DVEBMGS<INSTANCE>/sec , your system should create a copy of every PSE it modifies.

it creates a copy of the .PSE file with name as tempXXXXX.pse, this is some sort of version management the system keeps.

So you need to login into the Operating System and check the above mentioned directory for any tempXXXX.pse files.

Use the program sapgenpse program to list the keypairs contained in each of the tempXXXX.pse files.

you should be able to find the original one, when you find it, simply copy that one and name it as SAPSSLS.pse.

NOTE: if you don't find any of the files in the above mentioned directory, better scrap the PSE and start the way you configured your source system.

Regards,

Siddhesh

Show replies
Show replies
tombo_larsen
Active Participant
‎03-12-2008 2:16 PM
0 Kudos

Hi Siddhesh

We have a copy of the original PSE file, but this doen't seem to be enough. We have tried to copy it (as SAPSSLS.pse) to the sec directory and restart the system, but when you runs transaction STRUST the data from this PSE is not shown.

I think that this has two sides: A database side and a PSE file side and they have to correspond somehow.

BR

Tom

Ask a Question