The client, the reverse proxy, and SAP Mobile Platform Server each use their own certificate; you can create or sign these certificates from one root certificate.
SAP Mobile Platform Server includes one default self-signed certificate in:
The certificate is used for HTTPS communications; the alias name is "smp_crt".
openssl rsa -in encrypted.key -out decrypted.key
The SSLCertificateKeyFile and the private key in SSLProxyMachineCertificateFile must be unencrypted.
The SSLProxyMachineCertificateFile must be a public key merged with an unencrypted private key.