Use this procedure to import a key pair from a file in PKCS#12 format to a PSE file.
· The SAP Cryptographic Library has been installed.
· The environment variable SECUDIR has been set to the location where the PSE will be stored.
· The PKCS#12 file exists on the server.
Use the following command line to import the key pair to a PSE file:
sapgenpse import_p12 <additional options> [-p <pse file>] <filename>.p12
Where:
Standard Options
Option |
Parameter |
Description |
Allowed Values |
Default |
-p |
<PSE_name> |
Path and file name for the server's PSE |
Path description (in quotation marks, if spaces exist) |
None |
The following command line imports the PKCS#12 file D:\usr\sap\ABC\DVEBMGS28\sec\ABC.p12 to the application server's PSE (<SID> = ABC).
sapgenpse import_p12 -p D:\usr\sap\ABC\DVEBMGS28\sec\ABC.pse D:\usr\sap\ABC\DVEBMGS28\sec\ABC.p12
Additional Options
Option |
Parameter |
Description |
Allowed Values |
Default |
-x |
<PIN> |
PIN that protects the PSE |
Character string |
None |
-z |
<password> |
Password to use for encrypting the P12 file |
Character string |
None |
-r |
<file>
<file2> |
Additional certificate(s) for incomplete PKCS#12 file Up to 10 additional files for building a complete certification path up to the root CA |
Character string |
None |
-2 |
None |
Create PSE format v2 |
None |
None |
-4 |
None |
Create PSE format v4 |
None |
None |