Exporting Signing Certificates

Exporting the CAF J2EE Signing Certificate 

 

       1.      Start the SAP J2EE Engine Visual Administrator: C:\usr\sap\<SID>\JC00\j2ee\admin\go.bat.

       2.      Navigate in the left tree panel to Cluster → Server → Services → Key Storage → Runtime → TicketKeystore → SAPLogonTicketKeypair –cert.

       3.      Choose Export.

       4.      The exported certificate will be imported to EP6 to evaluate SSO2 logon tickets.

       5.      Save the certificate to a local directory as <name of your J2EE host>.crt.

Exporting the SAP NetWeaver Portal Signing Certificate

 

       1.      Logon to the SAP NetWeaver Portal with http://<portal_host>:<port>/irj.

Remember to change <host> and <port> with the name of your machine.

       2.      Choose System Administration  →  System Configuration  →  Keystore Administration  →  Content.

       3.      Choose Download verify.der file and save the file to your local directory.

       4.      Unpack the verify.der file and rename it to:

 <name of your portal machine>_<system_ID>_verify.der

For example:  EPMSD038_X38.verify.der

 

Renaming the file is not necessary if you set up integration between the J2EE Engine and a single EP. However, if you have to adjust SSO authentication with more than one portal, the certificate names must be unique in order to prevent certificate overwriting.