Creating the Server's Credentials Using SAPGENPSE
Use
The server must have active credentials at run-time. Therefore, to produce active credentials, you must use the configuration tool's commandseclogin to "open" the server's PSE.
Prerequisites
- The SAP Cryptographic Library is installed on the server.
- The environment variableSECUDIR has been set to the location where the PSE is stored.
- The PSE exists on the server.
Procedure
Use the following command line to open the server's PSE and create credentials:
Where:
Standard Options
| Option | Parameter | Description | Allowed Values | Default |
|---|---|---|---|---|
|
-p |
<PSE_name> |
Path and file name for the server's PSE |
Path description (in quotation marks, if spaces exist) |
None |
|
-x |
<PIN> |
PIN that protects the PSE |
Character string |
None |
|
-O |
[<Windows_Domain>]\<user_ID> |
User for which the credentials are created. (The user that runs the server's processes.) |
Valid operating system user |
The current user |
Additional Options
| Option | Parameter | Description | Allowed Values | Default |
|---|---|---|---|---|
|
-l |
None |
List all available credentials for the current user. |
Not applicable |
Not set |
|
-d |
None |
Delete PSE |
Not applicable |
Not set |
|
-chpin |
None |
Specifies that you want to change the PIN |
Not applicable |
Not set |
Examples
Creating Credentials for the Application Server
The following command line opens the application server's PSE (<SID> = ABC) that is located atD:\usr\sap\ABC\DVEBMGS28\sec\ABC.pse and creates credentials for the userSAPServiceABC. The PIN that protects the PSE is abcpin.
sapgenpse seclogin -p D:\usr\sap\ABC\DVEBMGS28\sec\ABC.pse -x abcpin -O SAPServiceABC
Result
The credentials file (cred_v2) for the user provided with the -O option is created in theSECUDIR directory.