2011 May 18 7:13 PM
Dear Gurus,
I am wondering if there is any way to recover the SSL PSE using the old serial key?
Here is the case in which i am looking for:
1. Created the SSL PSE
2. Sent the request for certficate Signing to CA
3. SAP System refreshed (original PSE lost)
4. Got the signed certificate from CA, but cannot apply it on the new PSE (because system was refreshed, new serial key doesnt match with old PSE's serial key)
If any one has a idea ... please share it. The situation can he handled on IIS (Windows Server)
Thanks,
Srikar
2011 May 19 12:18 AM
No, that's not possible. Private key is not part of CSR so there is no way how to get it from CSR, Any backups which could be used to get previous PSE file?
Cheers
2011 May 20 4:58 PM
Martin, I agree private is not part of CSR. But the i believe that serial key inside the private key is sent tyo CA along with CSR and comes back in signed response and thats SAP looks for matching corresponding the private key before it gets into parent PSE. SAP should give some to re-generate lost PSE provided i have its original serial key. This is secruity hack, as long we long to same server trying to regenerate.
let me know your thoughts.
2011 May 20 8:13 PM
Correction to my earlier post:
This is NOT A secruity hack, as long we *log on to * to same server trying to regenerate original PSE.
2011 May 21 2:08 AM
Hi,
I don't understand how you want to reconstruct private key from serial key.
Cheers
2011 May 22 10:44 PM
You might want to consider creating a standard or commonly shared PSE for these servers and relaxing the host name restraint?
Is this your SYSTEM PSE itself or a specific PSE for other scenarios? I faintly suspect you are having this problem on a test system, so you can check how other test systems deal with this issue but must talk to basis about how they manage PSE's and which systems are installed on which servers!
Cheers,
Julius