Using the Cryptography Tool

Purpose

You use the following tools for configuring and managing secure communication:

The SAPGENPSE Cryptography Tool
SAP NetWeaver Administrator
Cryptography Software for Apache Web Server

The SAPGENPSE Cryptography Tool

The SAPGENPSE cryptography tool consists of the following files:

Windows	UNIX
`sapcrypto.dll` (library) `sapgenpse.exe` (executable file)	`libsapcrypto.<ext>,`  for example, `libsapcrypto.so` for the operating system SUN OS 5.8. `sapgenpse` (executable file).
`ticket` (license ticket)	`ticket` (license ticket)

Windows

UNIX

sapcrypto.dll (library)

sapgenpse.exe (executable file)

libsapcrypto.<ext>,  for example, libsapcrypto.so for the operating system SUN OS 5.8.

sapgenpse (executable file).

ticket (license ticket)

You use the SAPGENPSE cryptography tool to configure secure communication between the TREX preprocessor and the portal Web server, and between the TREX Web server and the TREX name server. You download SAPGENPSE as part of the SAP Cryptographic Library from the SAP Service Marketplace.

Process Flow

Carry out the following steps to make SAPGENPSE available:

Downloading the SAP Cryptographic Library
Configuring SAPGENPSE for Use
Note
If you are using SAPGENPSE for the configuration, you should read the following information: Using Keystores.

SAP NetWeaver Administrator and SAP JAVA Cryptographic Toolkit

SAP NetWeaver Administrator
You can use SAP NetWeaver Administrator to configure secure communication between the TREX Web server and the TREX Java client in Content Management.
SAP Java Cryptographic Toolkit
As of SAP NetWeaver 7.0, the SAP J2EE Engine is delivered as standard with the SAP Java Cryptographic Toolkits including the policy files.

Cryptography Software for Apache Web Server

You configure the Apache Web server, which communicates with the CM Java client as the TREX Web server, using the OpenSSL cryptography tool. You generate the OpenSSL tool and the library mod_SSL.so, which you need for the security configuration of the Apache Web server, using a build process. For the build process, you need the OpenSSL and mod_SSL software packages and the package of the corresponding Apache Web server. You download the latter package from the Web pages of the Apache Open Source project. You then start the build process using the build_ssl.sh build script.

Required Software

You need the following software for the build process:

Software	Naming	Available From
`OpenSSL` package	`openssl-0.9.7c`	`www.openssl.org/source`
`modSSL` package	`mod_ssl-2.8.16-1.3.29`	`www.modssl.org/source`
Apache Web server package	`apache_1.3.29`	`www.apache.org/dist/httpd`
Build script	`build_ssl.sh`	Attachment of SAP Note 620169 TREX 6.0/6.1/7.0: SSL and HTTPS for Apache Web Server

Process Flow

See Providing Cryptography Software for Apache Web Server.