Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
mahesh_varma
Product and Topic Expert
Product and Topic Expert
5,673
How to create Personal Information Exchange (.pfx) files?




Securing your systems often involves managing certificates effectively. Here's a step-by-step guide to generate a PFX certificate from your SAP Business Technology Platform (SAP BTP) Service Binding's private/public key pair.

The generated PFX file can be effectively utilized to facilitate seamless integration between SAP Document and Reporting Compliance, cloud edition and on-premise systems like SAP S/4HANA and SAP ERP. This integration enables the exchange of electronic documents with regulatory authorities in various countries or regions, ensuring compliance and efficient document management.




Note: This blog describes steps carried out in non-SAP tools. The steps provided in this blog post are accurate at the time of writing. However, as tools and processes evolve, the depicted steps might change. Ensure to verify and adapt to any modifications in the tools or platforms showcased.




Prerequisites:

  • You are integrating a business system, for example, SAP S/4HANA Cloud, SAP S/4HANA or SAP ERP with the SAP Document and Reporting Compliance, cloud edition, to exchange documents with tax authorities or business partners. See Supported Business Scenarios.

  • You have access to BTP portal with a created service binding using 'X.509 Certificate' authentication.






Steps:



    1. Access Service Binding:

      • Log in to the BTP portal and navigate to the service binding you've created with 'X.509 Certificate' authentication.
        Navigate to Service Binding: Instances and Subscriptions -> Instances -> Select the Service Binding 

      • You will see Service Binding credentials as shown in the screenshot.


       

    2. Copy Certificate Content:

      • Copy the content of the Certificate field in the service binding into a text editor, for example, Notepad++.



    3. Format Certificate Content:

      • Select all content in Notepad++ (Ctrl+A) and use Ctrl+F to open the Find/Replace window.

      • In the Replace tab, use the settings shown in the screenshot and click on Replace All to replace specific content.

      • Select all the content in Notepad++ (Ctrl+A) and use Ctrl+F to open the Find/Replace window.

      • In the Replace tab, use the settings shown in the screenshot and click on Replace All to replace specific content.

      • After you have done the modifications, certificate content in Notepad++ should look as shown in the screenshot.



    4. Save Certificate as .pem:

      • Save the formatted certificate content in ".pem" format in your local directory.
        Example: 'certificate.pem'



    5. Copy Key Content:

      • Return to the service binding in BTP portal to copy the content from the Key field and paste it in Notepad++.



    6. Format Key Content:

      • Select all content in Notepad++ (Ctrl+A) and use Ctrl+F to open the Find/Replace window.

      • In the Replace tab, use the settings shown in the screenshot and click on Replace All to replace specific content.

      • Select all the content in Notepad++ (Ctrl+A) and use Ctrl+F to open the Find/Replace window.

      • In the Replace tab, use the settings shown in the screenshot and click on Replace All to replace specific content.

      • After you have done the modifications, key content in Notepad++ should look as shown in the screenshot.



    7. Save key as .key:

      • Save the formatted key content in ".key" format in the same local directory where 'certificate.pem' file was saved..
        Example: 'certificategen.key'



    8. Generate PFX File Using GIT Bash:

      • Open GIT Bash from the same local directory and run the command:
        winpty openssl pkcs12 -export -inkey <key_file_name>.key -in <pem_file_name>.pem -out <pfx_certificate_name>.pfx​

         

      • Provide and confirm the password as prompted.
        Note: Use the same password for subsequent setups where ever prompted.



    9. Final Step:

      • Press Enter to execute the command. A newly generated PFX file will now reside in your local directory.






To configure the generated PFX file within the system, follow the documentation provided below:





I hope you find this information useful. You can leave a comment on this blog or follow us for more information about SAP Document and Reporting Compliance here in SAP Community.
6 Comments