Creating the Keystore (SAP Library - Search and Classification (TREX))

Creating the Keystore

Use

You use the visual administrator to create a keystore for the Java client. The keystore is a file that contains the public and private key of the certificate owner and that is protected by a password.

Note

You use the Keystorage Service of the J2EE visual administrator to manage the keystores and certificates. For information on using the keystorage service, see the SAP Help Portal at help.sap.com à SAP NetWeaver à Security à System Security à Structure link System Security for SAP Web AS Java à Key Storage Service

Starting the Keystorage Service of the Visual Administrator

...

1. Start the visual administrator in the J2EE Engine.

2. In the left-hand window of the visual administrator, choose the Cluster tab.

3. Expand the node of the server on which the J2EE Engine is running.

4. Expand the Services node.

5. Choose the entry Storage under Services.

Result

· The tabs Runtime, Properties, and Additional Information appear on the right-hand side of the visual administrator. Existing keystores and certificates are displayed on the Runtime tab. You carry out the remaining steps for providing the certificates for the Java client in this area of the visual administrator.

· The keystores are listed in the Views area of the Runtime tab. The Entries window contains the entry for the private keystore sslkey. The right-hand window displays the parameters of the stored keystores and certificates.

Checking the Root Certificate of the Certification Authority (CA)

· Check whether a root certificate from your CA already exists:

¡ In the Views window, choose TrustedCAs. Existing root certificates are displayed in the Entries window.

· If no root certificate exists, import a root certificate from a CA that you trust.

¡ To import the certificate of your CA from its storage location, choose TrustedCAs and LOAD from the Entry area.

Generating Keystores

If the root certificate already exists, generate a keystore for the TREX Java client.

1. Choose Create View from the Views window.

An input window appears.

2. In the field Enter an alias, enter TREXKeyStore for the name of the keystore of the TREX Java client.

3. Choose the newly created TREXKeyStore.

4. Choose Create from the Entry area.

The input window Key and Certification Generation appears.

5. Use the fields Country Name to Common Name to enter information that uniquely identifies the owner of the certificate.

Field	Entry	Example Entry
Country Name (2 letter code)	mycountry	DE
State/Province (full name)	mystate	BW
Locality Name (e.g. city)	mycity	New York
Organization Name	mycompany	SAP
Organizational Unit Name	mydepartment	TREX JC P12345 SP3
Common Name	myhost.mydomain	P12345.wdf.sap-ag.corp

Note

Use the Common Name entry to enter the path and name of your host and your complete domain. Note that requirements for this entry can differ depending on the certification authority (CA).

6. Enter the name sslkey as the Key Alias in the Entry Name field.

7. The entries in the fields should appear as follows:

Field	Entry
Entry Name	sslkey
Valid From	Current date (entered automatically)
Valid To	Date until when the certificate is to be valid (entered automatically)
Store Certificate	Do not check this box
Key Length	1024 (default)
Algorithm	RSA (default)

8. Choose Generate.

9. The entry sslkey appears in the Entries window.

Result

The content of the keystore is displayed in the right-hand window of the visual administrator. You can now generate a certificate request and send it to your certification authority (CA).