on 03-11-2008 8:43 PM
Hi
We have made a systemcopy and actually wants the SSL server certificate and the SSL Server PSE to be the same (same keypair and content=certificate) as in the source-system for the system copy.
After creating the systemcopy we (by mistake) created a NEW SSL Server PSE using transaction STRUST!
Now we wants to overwrite this with the original SAPSSLS.pse file, which we have.
Actually we manages to do a PSE -> Import in transaction STRUST and are prompted for the password for this PSE file. And after entering the password we can see the correct DN in screen section "File" and the correct certificate in the screen section "Certificate". But it is not save in the database - as soon as we navigate away and back again these data is NOT saved in the "SSL Server" folder of STRUST.
Any ideas
BR
Tom Bo
Tom, you will have to save after importing by selecting PSE>Save as and select correct option, based on your description (SAPSSLS.pse) it would be "SSL Server".
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Tom,
In your /usr/sap/<SID>/DVEBMGS<INSTANCE>/sec , your system should create a copy of every PSE it modifies.
it creates a copy of the .PSE file with name as tempXXXXX.pse, this is some sort of version management the system keeps.
So you need to login into the Operating System and check the above mentioned directory for any tempXXXX.pse files.
Use the program sapgenpse program to list the keypairs contained in each of the tempXXXX.pse files.
you should be able to find the original one, when you find it, simply copy that one and name it as SAPSSLS.pse.
NOTE: if you don't find any of the files in the above mentioned directory, better scrap the PSE and start the way you configured your source system.
Regards,
Siddhesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Siddhesh
We have a copy of the original PSE file, but this doen't seem to be enough. We have tried to copy it (as SAPSSLS.pse) to the sec directory and restart the system, but when you runs transaction STRUST the data from this PSE is not shown.
I think that this has two sides: A database side and a PSE file side and they have to correspond somehow.
BR
Tom
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.