Importing a PKCS#12 File (SAP Library - Network and Transport Layer Security)

Importing a PKCS#12 File

Use this procedure to import a key pair from a file in PKCS#12 format to a PSE file.

· The SAP Cryptographic Library has been installed.

· The environment variable SECUDIR has been set to the location where the PSE will be stored.

· The PKCS#12 file exists on the server.

Use the following command line to import the key pair to a PSE file:

Syntax

sapgenpse import_p12 <additional options> [-p <pse file>] <filename>.p12

Where:

Standard Options

Option	Parameter	Description	Allowed Values	Default
-p	<PSE_name>	Path and file name for the server's PSE	Path description (in quotation marks, if spaces exist)	None

Example

The following command line imports the PKCS#12 file D:\usr\sap\ABC\DVEBMGS28\sec\ABC.p12 to the application server's PSE (<SID> = ABC).

sapgenpse import_p12 -p D:\usr\sap\ABC\DVEBMGS28\sec\ABC.pse D:\usr\sap\ABC\DVEBMGS28\sec\ABC.p12

Additional Options

Option	Parameter	Description	Allowed Values	Default
-x	<PIN>	PIN that protects the PSE	Character string	None
-z	<password>	Password to use for encrypting the P12 file	Character string	None
-r	<file> <file2>	Additional certificate(s) for incomplete PKCS#12 file Up to 10 additional files for building a complete certification path up to the root CA	Character string	None
-2	None	Create PSE format v2	None	None
-4	None	Create PSE format v4	None	None