Show TOC

Updating the Default Certificate for HTTPS ConnectionsLocate this document in the navigation structure

SAP Mobile Platform Server includes a default self-signed certificate. You must replace this default certificate with a production-ready certificate after you install SAP Mobile Platform. SAP recommends that you maintain the existing certificate alias when importing new certificates. Then, when you replace the default certificate with a new production certificate, you update the certificate for all listeners simultaneously.

Context

SAP Mobile Platform Server and Management Cockpit share the keystore, which is located in the <SMP_HOME>\Server\configuration directory.

Procedure

  1. Generate new production-ready certificates:
    Use your PKI system to generate SAP Mobile Platform Server certificates and key pairs, and have them signed with the Certificate Authority (CA) certificate used in your organization. Verify that you:
    • Use the existing alias (smp_crt).
    • Set the CN of the certificate to *.<MyDomain>.
    SAP Mobile Platform is compliant with certificates and key pairs generated from most well-known PKI systems.
  2. On each node in a server cluster, import the production-ready certificates and keys using Management Cockpit:
    1. Select Start of the navigation path Settings Next navigation step Certificates Next navigation step Local SMP Certificate End of the navigation path.
    2. Click Import, and define:
      • Certificate File – name and location of the certificate file. To select the file, click Browse.

      • Private Key Password – password for the private key.

    3. Click Import.