Show TOC

Creating the KeystoreLocate this document in the navigation structure

Use

You use the SAP NetWeaver Administrator to create a keystore for the Java client. The keystore is a file that contains the public and private key of the certificate owner and that is protected by a password.

Note

To administrate the keystores and the certificates, use the Keystorage Service of SAP NetWeaver Administrators of Application Server Java.

Procedure

Starting the Keystorage Service of the SAP NetWeaver Administrator

  1. Start the SAP NetWeaver Administrator on the Application Server Java.

  2. Go to Start of the navigation path Configuration Management Next navigation step Security Management Next navigation step Key Storage End of the navigation path.

    The Content: Keystore Views area displays the keystores and certificates that have already been created.

Checking the Root Certificate of the Certification Authority (CA)

  • Check whether a root certificate from your CA already exists:

    In the Content: Keystore Views window, select the TrustedCAs entry. In the window Start of the navigation path Trusted CAs Next navigation step Entries: Next navigation step Keystore Entries End of the navigation path , the available root certificates are displayed.

  • If no root certificate exists, import a root certificate from a CA that you trust.

    1. In the window Start of the navigation path Trusted CAs Next navigation step Entries: Next navigation step View Entry Management End of the navigation path choose the push button Import Entryto import the certificate of your CA from the location at which it was saved. To import a certificate, you have to have previously clicked on the pushbutton Edit at the header of the page.

    2. Specify the format of the certificate under Select entry type: and the directory in which the certificate is stored under Enter path to certificate file:

    3. Choose Import.

Generating Keystores

If the root certificate already exists, generate a keystore for the TREX Java client.

  1. In the Content: Keystore Views window, select the TREXKeyStore entry.

  2. In the window TREXKeysStart of the navigation path Store: Next navigation step Entries Next navigation step View Entry Management End of the navigation path choose the pushbutton Add Entry. This starts a configuration wizard for creating the keystore.

  3. During Step 1: Define Settings, enter the name of the keystore (for example ssl) in the field Entry Name and choose Next.

  4. During Step 2: Define Properties, enter information that identifies the owner of the certificate uniquely in the fields countryName to commonName, and choose Next.

    Field

    Entry

    Example Entry

    countryName (2 letter code)

    mycountry

    DE

    stateOrProvinceName

    mystate

    BW

    organizationName

    mycompany

    SAP

    localityName (e.g. city)

    mycity

    Walldorf

    organizationUnitName

    mydepartment

    TREX JC P12345 SP3

    commonName

    myhost.mydomain

    P12345.wdf.sap-ag.corp
    Note

    Specify the path and name of your host and your domain completely in the commonName entry. Note that requirements for this entry can differ depending on the certification authority (CA).

    The step Step 2: Sign with Key Pair (optional) is optional and can be skipped with Next.

  5. Choose Finishto create the keystore.

Result

A window confirms that you have successfully created the keystore. The TREXKeyStore: Entries window now contains the keystore you created and its parameters are displayed in the window below. You can now generate a certificate request and send it to your certification authority (CA).