Show TOC

Saving Files (UNIX)Locate this document in the navigation structure

Use

You have to save the downloaded executables of the SAP Cryptographic Library ( libsapcrypto.<ext>), the key stores to be created ( SAPSSLS.pse, SAPSSLC.pse, SAPSNCS.pse, and SAPSSLA.pse), and the downloaded license ticket ( ticket) in the recommended storage locations.

Prerequisites

The following prerequisites have been assured automatically:

  • The directory for storing the license ticket ( ticket) and for storing the key stores to be created ( SAPSSLS.pse, SAPSSLC.pse, SAPSNCS.pse, and SAPSSLA.pse) has been created during the TREX installation procedure.

  • The environment variables SECUDIR (DIR_INSTANCE/sec;SAP/<SAPSID>/SYS/TRX<instance_number>/sec) and SNC_LIB (DIR_EXECUTABLE/libsapcrypto.so) are both needed by SAPGENPSE.

    These variables are set by the shell script TREXSettings.* (TREXSettings.sh for Bourne shell sh, Bourne-again shell bash, and Korn shell ksh; TREXSettings.csh for C shell csh) during the startup of TREX.

Procedure

Saving Files in Recommended Storage Locations

Files

Storage Location

sapgenpse

libsapcrypto.<ext>

For example, libsapcrypto.so for the SUN operating system

Central directory for executables DIR_CT_RUN: usr/SAP/<SAPSID>/SYS/exe/nuc/<OS>

The variable DIR_CT_RUN specifies the path to the central directory for executables.

Note

The variable CIR_CT_RUN is defined in the start profile START_TRX<instance_number>_<host>, which you find in the SAP system profile directory of your TREX installation: <SAP System Mount Directory>/<sapsid>/profile

The Central Patch Environment (CPE) takes care of the automatic synchronization of executables and copies them from the central directory to the local TREX directory for executables ( $ DIR_INSTANCE)/exe: /usr/sap/<SAPSID>/SYS /TRX<instance_number>/exe).

Note

To ensure that automatic synchronization takes place, activate CPE support for TREX security. See: Enabling CPE Support for TREX Security

ticket

SAPSSLS.pse

SAPSSLC.pse

SAPSSLA.pse

SAPSSNCS.pse

SECUDIR directory for ticket and key stores:

SAP/<SAPSID>/SYS/TRX<instance_number>/sec

The directory for storing license ticket and key stores has been built during the TREX installation procedure. The environment variable SECUDIR (DIR_INSTANCE/sec) is set by the shell script TREXSettings.* during the startup of TREX.

You create the SAPSSLS.pse, SAPSSLC.pse, SAPSSLA.pse, and SAPSSNCS.pse keystores using the SAPGENPSE cryptography tool. These are not part of the SAP Cryptographic Library installation package.

Note

Refer to the notes for using keystores.

Save the downloaded files libsapcrypto.so (HP-UX: libsapcrypto.sl), sapgenpse, and ticket and the generated keystores in a backup directory. These files may be lost if you completely reinstall TREX. If this happens, you can copy these files either to the central directory for executables (in the case of libsapcrypto.so (HP-UX: libsapcrypto.sl), sapgenpse) or to the directory of the system environment variable SECUDIR (in the case of ticket and the generated keystores). Your security configuration will then be available again.

Example

You have configured the cryptography tool SAPGENPSE on UNIX and can now use it to configure secure configuration.

Starting SAPGENPSE

Start the cryptography tool SAPGENPSE using a prompt.

Execute the executable file sapgenpse in the directory in which you defined the environment variable SECUDIR. The cryptography tool SAPGENPSE generates the keystores and stores them in this directory.