SAP Cryptographic Library

The SAP Cryptographic Library is the default security provider for the secure store and forward (SSF) mechanisms.

The SAP Cryptographic Library provides the functions for creating and verifying digital signatures within SAP NetWeaver Application Server (SAP NetWeaver AS).

The SAP Cryptographic Library is included as part of the standard SAP NetWeaver AS installation. During the installation process, the system uses the SAP Cryptographic Library to generate a personal security environment (PSE) for each application server, called the system PSE. SAP NetWeaver AS can then use the information contained in the PSE to digitally sign documents and verify the digital signatures of other components. You can also use SAP Single Sign-On or another external security product.

The system PSE is created during the installation process and located in the file and directory <instance_directory>/sec/SAPSYS.pse.

Each time an application server is restarted, the system makes sure that the subdirectory sec exists and contains the system PSE for the server. If a system PSE exists, then the system distributes the system PSE to the application server. If no system PSE exists in the database, then the system generates a new one for use by all of the application servers.

If you need to generate a new PSE for an application server after the installation process has already been completed, use Trust Manager (transaction STRUST).