Administrator

Certificates and Keys

The SAP Mobile Platform Server keystores and truststore manage certificates, and private and public keys.

Keystore

A keystore contains security certificates and their associated private keys. SAP Mobile Platform Server uses certificates to identify itself to:
  • Clients – with the server certificate.

  • Back-end systems – with technical-user certificates.

A keystore also contains public certificates of trusted entities, typically the CA signing certificates of the back-end systems to which it connects, and the certificate used to sign client certificates.

SAP Mobile Platform includes two keystore files, with the same initial password:
  • local_smp_keystore.jks – created and maintained by the product installer; on each cluster node, stores certificates for the local server, from which you access Management Cockpit. These certificates are used for HTTPS connections.

  • smp_keystore.jks – maintained by system administrators; stores trusted certificates and PKCS #12 certificates for technical user back-end connections, and the truststore. This keystore syncs to all servers in a cluster, so you need not import these certificates into each node.

Truststore

The truststore contains certificates from both external parties and certificate authorities trusted to identify other parties. In SAP Mobile Platform, the truststore is stored in the smp_keystore.jks file.

Administrators can make changes to both keystore files using Management Cockpit.