You use the SAP NetWeaver Administrator to create a keystore for the Java client. The keystore is a file that contains the public and private key of the certificate owner and that is protected by a password.
To administrate the keystores and the certificates, use the Keystorage Service of SAP NetWeaver Administrators of Application Server Java.
Starting the Keystorage Service of the SAP NetWeaver Administrator
Start the SAP NetWeaver Administrator on the Application Server Java.
Go to
.The Content: Keystore Views area displays the keystores and certificates that have already been created.
Checking the Root Certificate of the Certification Authority (CA)
Check whether a root certificate from your CA already exists:
In the Content: Keystore Views window, select the TrustedCAs entry. In the window , the available root certificates are displayed.
If no root certificate exists, import a root certificate from a CA that you trust.
In the window Import Entryto import the certificate of your CA from the location at which it was saved. To import a certificate, you have to have previously clicked on the pushbutton Edit at the header of the page.
choose the push buttonSpecify the format of the certificate under Select entry type: and the directory in which the certificate is stored under Enter path to certificate file:
Choose Import.
Generating Keystores
If the root certificate already exists, generate a keystore for the TREX Java client.
In the Content: Keystore Views window, select the TREXKeyStore entry.
In the window TREXKeys choose the pushbutton Add Entry. This starts a configuration wizard for creating the keystore.
During Step 1: Define Settings, enter the name of the keystore (for example ssl) in the field Entry Name and choose Next.
During Step 2: Define Properties, enter information that identifies the owner of the certificate uniquely in the fields countryName to commonName, and choose Next.
Field |
Entry |
Example Entry |
---|---|---|
countryName (2 letter code) |
mycountry |
DE |
stateOrProvinceName |
mystate |
BW |
organizationName |
mycompany |
SAP |
localityName (e.g. city) |
mycity |
Walldorf |
organizationUnitName |
mydepartment |
TREX JC P12345 SP3 |
commonName |
myhost.mydomain |
P12345.wdf.sap-ag.corp |
Specify the path and name of your host and your domain completely in the commonName entry. Note that requirements for this entry can differ depending on the certification authority (CA).
The step Step 2: Sign with Key Pair (optional) is optional and can be skipped with Next.
Choose Finishto create the keystore.
A window confirms that you have successfully created the keystore. The TREXKeyStore: Entries window now contains the keystore you created and its parameters are displayed in the window below. You can now generate a certificate request and send it to your certification authority (CA).