Show TOC

Saving Files (UNIX)Locate this document in the navigation structure

Use

You have to save the downloaded executables of the SAP Cryptographic Library (libsapcrypto.<ext>), the key stores to be created (SAPSSLS.pse, SAPSSLC.pse, SAPSNCS.pse, SAPSSLA.pse), and the downloaded license ticket (ticket) in the recommended storage locations.

Prerequisites

The following prerequisites have been assured automatically:

  • The directory for storing the license ticket (ticket) and for storing the key stores to be created (SAPSSLS.pse, SAPSSLC.pse, SAPSNCS.pse, and SAPSSLA.pse) has been built during the TREX installation procedure.
  • The environment variables SECUDIR(DIR_INSTANCE/sec; SAP/<SAPSID>/SYS/TRX<instance_number>/sec) and SNC_LIB (DIR_EXECUTABLE/libsapcrypto.so) are both needed by SAPGENPSE.

    These variables will be set by the shell scriptTREXSettings.* (TREXSettings.sh for Bourne shellsh, Bourne-again shellbash, and Korn shellksh;TREXSettings.csh for C shellcsh) during the start up of TREX.

Saving Files in Recommended Storage Locations

Files Storage Location

sapgenpse

libsapcrypto.<ext> for example,libsapcrypto.so for the operating system SUN

Central directory for executablesDIR_CT_RUN: usr/SAP/<SAPSID>/SYS/exe/nuc/<OS>

The variableDIR_CT_RUN specifies the path to the central directory for executables.

Note

The variableCIR_CT_RUN is defined in the start profile START_TRX<instance_number>_<host>, which you find in the SAP system profile directory of your TREX installation: <SAP System Mount Directory>/<sapsid>/profile

The Central Patch Environment (CPE) takes care of the automatic synchronization of executables and copies them from the central directory into the local TREX directory for executables ($ (DIR_INSTANCE)/exe: /usr/sap/<SAPSID>/SYS /TRX<instance_number>/exe).

Note

To ensure that the automatic synchronization can take place you have toenable CPE support for TREX Security.

ticket

SAPSSLS.pse

SAPSSLC.pse

SAPSSLA.pse

SAPSSNCS.pse

SECUDIR directory for ticket and key stores:

SAP/<SAPSID>/SYS/TRX<instance_number>/sec

The directory for storing license ticket and key stores has been built during the TREX installation procedure. The environment variable SECUDIR(DIR_INSTANCE/sec) will be set by the shell scriptTREXSettings.* during the start up of TREX.

You create the keystores SAPSSLS.pse, SAPSSLC.pse, SAPSSLA.pse, andSAPSSNCS.pse using the cryptography tool SAPGENPSE. These are not part of the SAP Cryptographic Library installation package.

Note

Refer to the notes forusing keystores.

Save the downloaded files libsapcrypto.so (HP-UX: libsapcrypto.sl), sapgenpse, and ticket and the generated key stores in a backup directory. These files may be lost if you completely reinstall TREX. If this happens, you can copy these files either to the central directory for executables (in the case of libsapcrypto.so (HP-UX: libsapcrypto.sl), sapgenpse) or to the directory of the system environment variable SECUDIR (in the case of ticket and the generated keystores). Your security configuration is then available again.

Result

You have configured the cryptography tool SAPGENPSE on UNIX and can now use it to configure secure configuration.

Starting SAPGENPSE

Start the cryptography tool SAPGENPSE using a prompt.

Execute the executable file sapgenpse in the directory in which you defined the environment variable SECUDIR. The cryptography tool SAPGENPSE generates the key stores and stores them in this directory.