This is the process to check for the validity of the saprouter certificate and re-apply this.
sapgenpse get_my_name -n validity
When the validity is showing as expired, proceed as follows:
This folder contains the saprouter files and might be needed for a restore if any issues
SECUDIR
SNC_LIB
sapgenpse get_pse –v –r certreq –p local.pse "your distinguish name"
The distinguish name is available from the command:
sapgenspe get_my_name
The distinguish name in this case is the entire details following Subject.
Then we generate the cert request. See below screenshot
sapgenpse get_pse –v –r certreq –p local.pse "your distinguished name”
It will ask for entering the PIN. Enter any 4 digit number. Please remember and save the same. This pin will be needed for access to the PSE.
Once the request is created, it creates the file certreq under location: C:\SAProuter\SAProuter
Then Login to service marketplace under:
This opens the form below. Select Continue
Paste the contents of the certreq file generated above as below, and then “Request Certificate”. See below
Copy the details of the new certificate generated and then paste it in a new file srcert in the location
C:\SAProuter\SAProuter.
Then import the new certificate using:
C:\SAProuter\SAProuter>sapgenpse import_own_cert -c "C:\SAProuter\SAProuter\srcert" -p local.pse
Please enter PIN:
CA-Response successfully imported into PSE "C:\SAPRouter\SAProuter\local.pse"
sapgenpse seclogin –p local.pse
command
sapgenpse get_my_name –v –n Issuer
C:\SAProuter\SAProuter>sapgenpse get_my_name -v -n Issuer
SSO for USER "SAPRouter.1"
with PSE file "C:\SAPRouter\SAProuter\local.pse"
Subject : CN=mobilise, OU=0000912221, OU=SAProuter, O=SAP, C=DE
Issuer : CN=SAProuter CA, OU=SAProuter, O=SAP, C=DE
Serialno: BD:43:BA:2D:74:72:35:B0:10:01:02:22:A7
KeyInfo : RSA, 1024-bit
Validity - NotBefore: Mon Jun 20 11:58:38 2011 (110620015838Z)
NotAfter: Wed Jun 20 11:58:38 2012 (120620015838Z)
This shows that the certificate has been renewed.
The saprouter owner here is the user
svc-saprouter and we need to give the saprouter permission to this user: C:\SAProuter\SAProuter>sapgenpse seclogin -p local.pse -O svc-saprouter
running seclogin with USER="SAPRouter.1"
creating credentials for user "NMLCLAP03\svc-saprouter"...
Please enter PIN:
Adjusting credentials and PSE ACLs to include "NMLCLAP03\svc-saprouter".
C:\SAPRouter\SAProuter\cred_v2 ... ok.
C:\SAPRouter\SAProuter\local.pse ... ok.
C:\SAPRouter\SAProuter\local.pse ... ok.
Added SSO-credentials for PSE "C:\SAPRouter\SAProuter\local.pse"
"CN=mobilise, OU=0000912221, OU=SAProuter, O=SAP, C=DE"
Once it is done, we need to restart the saprouter. And the RFC connection SAP-OSS worked.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
13 | |
10 | |
7 | |
7 | |
7 | |
6 | |
5 | |
5 | |
5 | |
4 |