Show TOC Entering content frame

Process documentation Configuring SAPGENPSE for Use Locate the document in its SAP Library structure

Purpose

If you are configuring and using the cryptography tool SAPGENPSE, you should be aware of which files you require and know where they are stored. These files are not only required initially for the authentication of the communication partner. They are also required during data transmission in order to encode the data and ensure data integrity. This means that the files must be stored in particular places so that the system can find them and access them at runtime.

Prerequisites

·        Windows: You have logged on as SYSTEM administrator.

·        UNIX: You have logged on as trexadm.

·        You have downloaded the SAP Cryptographic Library from the SAP Service Marketplace and unpacked the contained data.

Required Files

Windows

UNIX

sapcrypto.dll (library)

sapgenpse.exe (executable file)

libsapcrypto.<ext>,
for example , libsapcrypto.so for the operating system SUN OS 5.8

sapgenpse (executable file)

ticket (licence ticket)

ticket (licence ticket)

SAPSSLS . pse
Keystore for server certificates

SAPSSLS.pse

SAPSSLC . pse
Keystore for client certificates

SAPSSLC.pse

SAPSSLA.pse
Anonymous keystore

SAPSSLA.pse

Note

You create the keystores SAPSSLS.pse, SAPSSLC.pse, and SAPSSLA.pse using the cryptography tool SAPGENPSE. These are not part of the SAP Cryptographic Library installation package.

Process Flow

You need a system environment variable SECUDIR on Windows and an environment variable SECUDIR on UNIX in order to store the licence tickets (tickets) and the generated keystores ( SAPSSLS.pse , SAPSSLC.pse , SAPSSLA.pse). Set up the variable by checking existing environment variables and creating SECUDIR if it does not already exist. You then store the files in the recommended storage locations.

The procedure is basically the same on Windows and UNIX:

...

       1.      First check whether the system environment variable (Windows) or environment variable (UNIX) SECUDIR already exists as a result of a previous security configuration.

       2.      If it does not exist, create the (system) environment variable SECUDIR and the corresponding directory.

       3.      Store the relevant files in the directories that already existed or that you just created.

       4.      Start the cryptographic tool SAPGENPSE using a prompt.

 

The procedures for Windows and UNIX are described in the following sections:

·        Setting Up SECUDIR and Saving Files (Windows)

·        Setting Up SECUDIR and Saving Files (UNIX)

 

Leaving content frame