Show TOC

Exporting and Importing the TREX CertificateLocate this document in the navigation structure

Use

To join the security information you export the TREX certificate which is stored inside the key store on TREX side and import this certificate on application side.

Prerequisites

  • The SAP Cryptographic Library is installed on the application server.
  • The environment variable SECUDIRis set to the location where the keystore PSE is stored.
  • The SNC PSE exists on the application server.
  • The TREX certificate exists as a file in the file system.

Exporting the TREX Certificate

Use the following command line to export the TREX certificate to the file SAPSNCS.trex.crt:

sapgenpse export_own_cert -o SAPSNCS.trex.crt -p SAPSNCS.pse

Command

Function

sapgenpse

Starts the cryptography tool SAPGENPSE.

export_own_cert

Function of SAPGENPSE that exports the certificate to the key store.

-o <EXPORTED_FILENAME>.trex.crt

Enter the file name of the TREX certificate to be exported.

- p SAPSNCS.pse

You specify the file name of the key store that is to contain the root certificate here.

Importing the TREX Certificate on the Application Side

You import the TREX certificate into the certificate list of the application server. You do this using the trust manager (transaction STRUST):

  1. Start the transaction STRUST.
  2. Select the SNC PSE.

    Information about the SNC PSE appears in the maintenance section.

  3. In the section Certificate, choose the button Import Certificate.The Import Certificatedialog appears.
  4. Select the certificate (for example, the file SAPSNCS.trex.crt) from the destination where your stored it during the TREX certificate export. Choose Base64.as file format.

    Information about the certificate appears in the section Certificate.

  5. Choose Add to Certificate List.

    The certificate is added to the Certificate List.

  6. Save your data.

Result

The TREX certificate is added to the certificate list of the application server.