Use the tool's command maintain_pk to maintain the server's certificate list.
sapgenpse maintain_pk [<additional options>] [-a <cert_file>] [-d <number>] -p <PSE_name> [-x <PIN>]
Where:
Standard Options
Option |
Parameter |
Description |
Allowed Values |
Default |
-a |
<cert_file> |
Add certificate from file <cert_file> to the certificate list. |
Path description (in quotation marks, if spaces exist) |
None |
-m |
<cert_file> |
Add multiple certificates from <cert_file> to the certificate list. |
Not applicable |
None |
-M |
<store> |
Add multiple certificates from the CryptoAPI certificate store to the certificate list. |
ROOT, CA, MY, SPC |
None |
-d |
<number> |
Delete certificate number <number> from certificate list. |
Numerical value |
None |
-p |
<PSE_name> |
Path and file name for the server's PSE |
Path description (in quotation marks, if spaces exist) |
None |
-x |
<PIN> |
PIN that protects the PSE |
Character string |
None |
Additional Options
Option |
Parameter |
Description |
Allowed Values |
Default |
-l |
None |
List existing certificate list |
Not applicable |
None |
-y |
None |
Automatic YES-mode for –m or –M options. |
Not applicable |
None |
Importing a Certificate into the Application Server's Certificate List
The following command line imports the AGate's certificate from the file D:\usr\sap\ABC\DVEBMGS28\sec\ABC_AGate.crt into the application server's PSE, which is located at D:\usr\sap\ABC\DVEBMGS28\sec\ABC.pse.
sapgenpse
maintain_pk -a D:\usr\sap\ABC\DVEBMGS28\sec\
ABC_AGate.crt -p D:\usr\sap\ABC\DVEBMGS28\sec\ABC.pse