If you are using individual PSEs, then use the procedure below to export the application server's public-key certificate so that is available for import into the other servers' certificate lists.
· The SAP Cryptographic Library is installed on the application server.
· The environment variable SECUDIR is set to the location where the PSE is stored.
· The SNC PSE exists on the application server.
Using the trust manager (transaction STRUST):
...
1. Select the SNC PSE.
The SNC PSE's information appears in the PSE maintenance section.
2. Select the server's certificate that is displayed in the Own cert. field.
The certificate's information appears in the certificate section.
3. In the certificate section, choose Export certificate.
The export dialog appears.
4. Save the certificate to the destination (for example, to a local file).
The application server's public-key certificate is located in the file system.
For each of the connections that you want to protect using SNC, import the application server's public-key certificate into the partner's certificate list and create credentials for that server's user. For more information, see Maintaining the Server's Certificate List Using SAPGENPSE.