Creating a Client PSE

You can use the CLIENT_ICM_SSL_ <instance_ID> keystore view of the SAP NetWeaver Administrator to create a client Personal Security Environment (PSE). The system associates this view with a PSE file named SAPSSLC.pse . This PSE can be used by an AS ABAP that uses the same key pair as the AS Java (for example, in a dual-stack installation) to authenticate itself on other Web servers. For more information about using PSE in AS ABAP, see the AS ABAP documentation.

You are logged on to the SAP NetWeaver Administrator with administrative privileges.

1. Open the Key Storage by navigating to  Configuration Management  Security    Certificates and Keys .

2. Select the CLIENT_ICM_SSL_ <instance_ID> view.

3. Import or create a new certificate.

   The system detects the changes in the view and proposes to automatically export the view to a PSE file and to restart the Internet Communication Manager (ICM). If you want to restart the ICM later, you must manually export the view to a PSE file:

   1. Select the CLIENT_ICM_SSL_ <instance_ID> view.

   2. Choose Export View to PSE .

More information about importing or creating new certificates: Configuring the SSL Key Pair and Trusted X.509 Certificates .

When you export the CLIENT_ICM_SSL_ <instance_ID> view, the system creates the file SAPSSLC.pse in the /usr/sap/<SID>/JC<XX>/sec directory. After you restart the ICM, it starts using this file to set up the default client PSE.

You can also use the command line tool sapgenpse.exe to create a PSE. More information: Creating an SNC PSE for the AS Java .