Setting Up SECUDIR and Saving Files (Windows) 

Use

You need the system environment variable SECURID and the corresponding directory in order to store the license ticket (ticket) and the keystores to be created (SAPSSLS.pse, SAPSSLC.pse, SAPSSLA.pse). Set up the variable by checking existing environment variables and creating SECUDIR if it does not already exist.

Checking Whether SECUDIR Exists

The environment variable SECUDIR may already exist on your host as a result of a secure communication configuration. Proceed as follows to check whether SECUDIR already exists.

       1.      Choose Start ® Settings ® Control Panel ® System.

       2.      Choose Environment Variables from the Advanced tab.

       3.      You can check existing environment variables on the Environment Variables screen under System Variables.

Creating SECUDIR and its Directory

If the system environment SECUDIR does not already exist, you have to create it anew for the configuration of the cryptography tool SAPGENPSE. Proceed as follows.

       4.      Create the directory <home directory>\sec, or C:\sec.

       5.      Choose Start ® Settings ® Control Panel ® System.

       6.      Choose Environment Variables from the Advanced tab.

       7.      Choose System Variables and New in the Environment Variables screen.

       8.      Enter SECUDIR as the variable name and <home directory>\sec or. C:\sec as the variable value. Confirm with OK.

       9.      Restart your computer so that the new system variable SECUDIR is recognized by your operating system.

Saving Files in Recommended Storage Locations

Recommended Storage Locations

Files	Storage Location
sapcrypto.dll sapgenpse.exe	TREX installation directory, for example: C:\usr\sap\<SAPSID>\TRX<instance_number> System environment variable: SAP_RETRIEVAL_PATH Note: The system environment variable SAP_RETRIEVAL_PATH and the TREX installation directory were created during the installation of TREX.
ticket SAPSSLS.pse SAPSSLC.pse SAPSSLA.pse	Directory: <home directory>\sec, for example, C:\sec System environment variable: SECURID. Note: If the system environment variable SECUDIR and the corresponding directory C:\sec, you have to create them both.

You create the keystores SAPSSLS.pse, SAPSSLC.pse, and SAPSSLA.pse using the cryptography tool SAPGENPSE. These are not part of the SAP Cryptographic Library installation package.

Refer to the notes for using keystores.

Save the downloaded files sapcrypto.dll, sapgenpse.exe  and ticket, and the generated keystores, in a backup directory. These files may be lost if you completely reinstall TREX. If this happens, you can copy these files either to the TREX installation directory (in the case of sapcrypto.dll and sapgenpse.exe) or to the directory of the system environment variable SECURID (in the case of ticket and the keystores). Your security configuration will then be available again.

Result

You have configured the cryptography tool SAPGENPSE on Windows and can now use it to configure secure communication.

Starting SAPGENPSE

You start the cryptography tool SAPGENPSE using a prompt.

Execute the executable file sapgenpse in the directory in which you defined the system environment variable SECUDIR. The cryptography tool SAPGENPSE generates the keystores and stores them in this directory.