Registration

Dear SAP Community Member,
In order to fully benefit from what the SAP Community has to offer, please register at:
http://scn.sap.com
Thank you,
The SAP Community team.
Skip to end of metadata
Go to start of metadata

Prerequisites:

  • Keytool is installed as part of a Java Runtime Environment installation. If using BIPST, keytool can be found in <BIPST Install directory>\BISupport\bin
  • For further documentation on how to use Keytool or when encountering issues while using keytool, see the Oracle documentation here. 

Instructions:

All bolded parameters should be replaced by values appropriate to your environment

Generate the Private Key, Keystore, and a public CA certificate

  1. Open a command line window
  2. Navigate to %JAVA_HOME%\bin
  3. Generate a public key, self-signed certificate, private key and keystore:
    1. Run: keytool -genkeypair -alias CASERVER -keysize 2048 -keyalg RSA -keystore "C:\Keytool\CAsign.jks" -validity 365 -ext bc:c -storepass Password1
    2. Answer the prompts
  4. Export the self-signed certificate
    1. Run: keytool -exportcert -keystore "C:\Keytool\CAsign.jks" -storepass Password1 -alias CASERVER -file "C:\Keytool\cacert.pem" -rfc

Sign a certificate signing request

  1. Copy a certificate signing request to the system (myserver.p10, myserver.csr etc.)
  2. Sign the certificate signing request
    1. keytool -gencert -infile "C:\Keytool\myserver.p10" -validity 365 -keystore "C:\Keytool\CAsign.jks" -alias CASERVER -outfile C:\Keytool\myserver.pem -v
  3. Copy myserver.pem and cacert.pem to your destination computer

Notes:

  • Only one certificate authority should exist per environment
  • No labels