Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

How to recover SSL PSE

Former Member
0 Kudos
546

Dear Gurus,

I am wondering if there is any way to recover the SSL PSE using the old serial key?

Here is the case in which i am looking for:

1. Created the SSL PSE

2. Sent the request for certficate Signing to CA

3. SAP System refreshed (original PSE lost)

4. Got the signed certificate from CA, but cannot apply it on the new PSE (because system was refreshed, new serial key doesnt match with old PSE's serial key)

If any one has a idea ... please share it. The situation can he handled on IIS (Windows Server)

Thanks,

Srikar

5 REPLIES 5

mvoros
Active Contributor
0 Kudos
280

No, that's not possible. Private key is not part of CSR so there is no way how to get it from CSR, Any backups which could be used to get previous PSE file?

Cheers

Former Member
0 Kudos
280

Martin, I agree private is not part of CSR. But the i believe that serial key inside the private key is sent tyo CA along with CSR and comes back in signed response and thats SAP looks for matching corresponding the private key before it gets into parent PSE. SAP should give some to re-generate lost PSE provided i have its original serial key. This is secruity hack, as long we long to same server trying to regenerate.

let me know your thoughts.

0 Kudos
280

Correction to my earlier post:

This is NOT A secruity hack, as long we *log on to * to same server trying to regenerate original PSE.

0 Kudos
280

Hi,

I don't understand how you want to reconstruct private key from serial key.

Cheers

0 Kudos
280

You might want to consider creating a standard or commonly shared PSE for these servers and relaxing the host name restraint?

Is this your SYSTEM PSE itself or a specific PSE for other scenarios? I faintly suspect you are having this problem on a test system, so you can check how other test systems deal with this issue but must talk to basis about how they manage PSE's and which systems are installed on which servers!

Cheers,

Julius