cancel
Showing results for 
Search instead for 
Did you mean: 

import of Digital certificate in Visual Administrator

Former Member
0 Kudos

Hello all,

In PI 7.11 I have imported the certificate and key using NWA >Configuration Management> Security Management-> Key Storage.Created a View(for eg:Test_Certificate) and imported the Certificate and Key. But the customers is having PI 7.0 and they have to use the Visual Administrator for importing the digital certificate. My doubt is whether they should import to service_ssl or TicketKeystore.

Can a new view be created in Visual Administrator and import the certificate?Kindly tell me the steps.

(I am using the Digital certificate in UDF to sign the message using the Digital Signatures and Document Encryption API as specified here http://help.sap.com/saphelp_nw2004s/helpdata/en/18/6197044da2a745a4d588da33e0facf/frameset.htm)

your replies are appreciated.

Kind Regards,

Kubra fatima

Accepted Solutions (0)

Answers (2)

Answers (2)

iprieto
Contributor
0 Kudos

Hi Kubra,

My recommendation is install the certificate in Default view, once you have implements the UDF class and get the certificate correctly, then change the certificate store.

The view service_ssl is used for open SSL connections, is not necessary to save the certificate in this view.

Best regards

Ivá

former_member200962
Active Contributor
0 Kudos
My doubt is whether they should import to service_ssl or TicketKeystore.

service_ssl ...for more info http://help.sap.com/saphelp_nw04/helpdata/en/a6/98f73dbc570302e10000000a114084/content.htm

I remember using TicketKeystore for principal propagation.

Regards,

Abhishek.

Former Member
0 Kudos

Thanks Abhishek,

In PI 7.11 I have created a new KeyStorage View and under which I have imported the certificate.In PI 7.0 using Visual Administrator , to import the certificate there is an option to create a View under Runtime tab (Under Global Configuration u2013 Server Instance u2013 Services u2013 Choose Key storage).so can we create a new view and entry using this procedure?

As I have no access to Visual administrator and found this button(Create View) in some screen short in SDN document.

I want to know the details it will ask while creating the Kestorage View and entry.Also I want to know what are the different formats of digital certificate(for example in NWA we can import PKCS#12 or .cert) it support for importing the certificate.

Kindly help me .I have to reply to the customer with the detail steps who is working on PI 7.0

Kind Regards,

Kubra fatima.

former_member200962
Active Contributor
0 Kudos
As I have no access to Visual administrator and found this button(Create View) in some screen short in SDN document.

Check this help section: http://help.sap.com/saphelp_nw04/helpdata/en/53/b221e3b466b346860715a550ca987d/content.htm

for example in NWA we can import PKCS#12 or .cert

If you are Loading then it would be .cert (even .crt)

Former Member
0 Kudos

Thanks Abhishek for the link you have mentioned.

From the link it is clear that while creating a new Keystorage view we just need to specify a name for the new key storage view. similar to PI 7.11 in NWA

To import the certificate under created Keystorage View in PI 7.1 in NWA we follow the below procedure

(In the View Entries tab we choose Import Entry. The Entry Import dialog appears and we select the type of the entry we want to import from the Select entry type dropdown list. The list contains the options X.509 Certificate,PKCS#12 , and PKCS#8 I have selected PKCS#12 Key Pair and Enter path to PKCS#12 Key file and password. Choose Import.)

But in PI 7.0 to Manage Entries there are only to options

Export a key or certificate entry to the file system

Import a CSR response

specified at http://help.sap.com/saphelp_nw04/helpdata/en/53/b221e3b466b346860715a550ca987d/frameset.htm .

Can you please help to find the steps to manage the entry in Visual Administrator or what does load option do which is present in Entries tab.Kindly tell me the details it ask while loading or steps required to manage the certificate and key under created Keystorage View.

Kind Regards,

Kubra fatima.

former_member200962
Active Contributor
0 Kudos

This should answer many of your queries: /people/aniket.tare/blog/2005/03/22/ssl-certificate-installation-procedure-for-sap-j2ee-engine-630-150-steps-in-visual-administrator

what does load option do which is present in Entries tab.

If you have an already signed certificate then you load it into the J2EE server using the Load option.

I have selected PKCS#12 Key Pair and Enter path to PKCS#12 Key file and password. Choose Import.)

not quite sure, but VA also provides you to import PKCS#12 file

Regards,

Abhishek.

Former Member
0 Kudos

Hi,

Let me try to answer the queries which you have. Hope it will help you.

1. As you use the key for signing the message and not for SSL, so it doesn't matter where you put your key-certificate pair. You can create a new view and import the entries else you can also import it under DEFAULT view as already suggested in the current thread. So it depends on how you want to use it.

2. The Load option under Entries would enable you to load the key-cert pair similar to what Import option allows you to do in PI 7.1 in NWA. You need to provide the file location and also the password to import the PKCS12 or PKCS 8 files.

3. If you want to create a new Key-Cert Pair, Abhishek has already provided you the link to do so.

Hope this will help you in performing the needed tasks.

Best Regards,

Pratik