Show TOC

Certificates and KeysLocate this document in the navigation structure

The SAP Mobile Platform shared keystore and truststore manage certificates, and private and public keys.

Keystore

A keystore contains security certificates and their associated private keys. SAP Mobile Platform uses certificates to identify itself to:
  • Clients – with the server certificate.

  • Back-end systems – with technical-user certificates.

A keystore also contains public certificates of trusted entities, typically the CA signing certificates of the back-end systems to which it connects, and the certificate used to sign client certificates.

SAP Mobile Platform includes two keystore files, with the same initial password:
  • local_smp_keystore.jks – created and maintained by the product installer; stores certificates for the local server.

  • smp_keystore.jks – maintained by system administrators; stores all other certificates and the truststore; syncs to all servers in a cluster.

Truststore

The truststore contains certificates from both external parties and certificate authorities trusted to identify other parties. In SAP Mobile Platform, the truststore is stored in the smp_keystore.jks file.

Administrators can make changes to both keystore files using Management Cockpit.

Note

If SAP Mobile Platform is running in a cluster, you must restart each server in the cluster for a password change to take effect. If you change a password in the local keystore, it takes effect immediately.