Exporting a PKCS#12 File
Use
Use this procedure to export the key pair from a PSE file to a file in PKCS#12 format.
Prerequisites
- The SAP Cryptographic Library has been installed.
- The environment variable SECUDIR has been set to the location where the PSE is stored.
- The PSE exists on the server.
Procedure
Use the following command line to export the key pair to a PKCS#12 file:
Where:
Standard Options
| Option | Parameter | Description | Allowed Values | Default |
|---|---|---|---|---|
|
-p |
<PSE_name> |
Path and file name for the server's PSE |
Path description (in quotation marks, if spaces exist) |
None |
Additional Options
| Option | Parameter | Description | Allowed Values | Default |
|---|---|---|---|---|
|
-x |
<PIN> |
PIN that protects the PSE |
Character string |
None |
|
-z |
<password> |
Password to use for encrypting the P12 file |
Character string |
None |
|
-C |
<count> |
Include <count> hierarchy certs (0=all incl. PKRoot) |
Integer |
0 |
|
-w |
None |
Use WEAK (=40-bit) encryption for private key |
None |
None |
|
-f |
<pse|cn|dn> |
Select the PSE filename, the CN part of the Distinguished Name, or the full subject of the Distinguished Name to use for the friendly name to identify the key pair |
pse, cn, or dn |
None |
|
-F |
<fr_name> |
Set <fr_name> as friendly name for the exported keypair (overrides any-f selection) |
Character string |
None |