1. Start the SAP J2EE Engine Visual Administrator: C:\usr\sap\<SID>\JC00\j2ee\admin\go.bat.
2. Navigate in the left tree panel to Cluster → Server → Services → Key Storage → Runtime → TicketKeystore → SAPLogonTicketKeypair –cert.
3. Choose Export.
4. The exported certificate will be imported to EP6 to evaluate SSO2 logon tickets.
5. Save the certificate to a local directory as <name of your J2EE host>.crt.
1. Logon to the SAP NetWeaver Portal with http://<portal_host>:<port>/irj.
Remember to change <host> and <port> with the name of your machine.
2. Choose System Administration → System Configuration → Keystore Administration → Content.
3. Choose Download verify.der file and save the file to your local directory.
4. Unpack the verify.der file and rename it to:
<name of your portal machine>_<system_ID>_verify.der
For example: EPMSD038_X38.verify.der
Renaming the file is not necessary if you set up integration between the J2EE Engine and a single EP. However, if you have to adjust SSO authentication with more than one portal, the certificate names must be unique in order to prevent certificate overwriting.