Show TOC

Certificates and KeysLocate this document in the navigation structure

The SAP Mobile Platform shared keystore and truststore manage certificates, and private and public keys.


A keystore contains security certificates and their associated private keys. SAP Mobile Platform uses certificates to identify itself to:
  • Clients – with the server certificate.

  • Back-end systems – with technical-user certificates.

A keystore also contains public certificates of trusted entities, typically the CA signing certificates of the back-end systems to which it connects, and the certificate used to sign client certificates.

SAP Mobile Platform includes two keystore files, with the same initial password:
  • local_smp_keystore.jks – created and maintained by the product installer; on each cluster node, stores certificates for the local server, from which you access Management Cockpit. These certificates are used for HTTPS connections.

  • smp_keystore.jks – maintained by system administrators; stores trusted certificates and PKCS #12 certificates for technical user back-end connections, and the truststore. This keystore syncs to all servers in a cluster, so you need not import these certificates into each node.


The truststore contains certificates from both external parties and certificate authorities trusted to identify other parties. In SAP Mobile Platform, the truststore is stored in the smp_keystore.jks file.

Administrators can make changes to both keystore files using Management Cockpit.


If SAP Mobile Platform is running in a cluster, you must restart each server in the cluster for a password change to take effect. If you change a password in the local keystore, it takes effect immediately.