on 05-12-2009 6:34 AM
Hello All,
I am trying to do a POC for Digital signatures , I have gone through the below blog and sap help ,but still I feel require some clarifications
/people/varadharajan.krishnasamy/blog/2007/05/11/how-to-use-digital-certificates-for-signing-encrypting-messages-in-xi
1. I have followed the blog and created a digital certificate and got test certification by SAP using the link provided ,but what is the need to import the same into VA?
2. its indicating there in SAP Screen that the key is public key, then from where we will get private key?
3. How to distribute/load the public key for verifying the signature in outlook(in this case as mail will be triggered from PI)
Appreciate your replies
Rajesh
1. I have followed the blog and created a digital certificate and got test certification by SAP
using the link provided ,but what is the need to import the same into VA?
certificate is imported to indiacte that the sender is a trusted source and the assertion tickets issued by it are supposed to be accepted...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Did anyone knows how to send the public key to users/application after generating key and getting certified from SAP/CA..
Appreciate your replies
Rajesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
There is 2 way to generate the certificate. one is self signed another one third party signed. The blog mentioned these 2ways. You should go for any one. Self signed or third party signed. If self signed public key there is no need of generating csr request. Just u2018mark u2018 store certificate. Public key generated in Visual Admin with u2018cert u2018 extension. Now you clear.
Regards,
Prakasu.M
Thanks for your replies..
Still not clear..
Will the generated key contains both public and private keys or only public key or only private key???
if contains both how do i distribute the public key to users?
If only public key then how /where the private key comes from ?
If only private key then how do I get public key for distribution ?
if VA going to store the public key (.crt) what is the path from where I can get the public key file
Appreciate your replies
Rajesh
Hi,
Normally In visual admin private key will generate. If you u2018marku2019 the store certificate then u2018-certu2019 extension self signed public key also generated. This is one of the way.
Second one is ,If you need a third party sign in your public key then unmark the store certificate. That time private key generates. Select that key and you have a tag generate csr request. Generate the request and send to third party for sign. After that import the response in visual admin. That time you will get a third party signed public key.
You choose any one way to create a public key. Now you need to select the u2013cert extension public key and export. You should share this key only to your clients.
Regards,
Prakasu.M
Second one is ,If you need a third party sign in your public key then unmark the store certificate. That time private key generates. Select that key and you have a tag generate csr request. Generate the request and send to third party for sign. After that import the response in visual admin. That time you will get a third party signed public key.
When we have a private key in VA ,why do we need to import the public key again even though it is third party singed as only private key is used in PI (in case of server mode..) Am i right?
Rajesh
Hi,
Private key is Secret key.we should not share our private keys. Public key only always shared with clients. Third party signed Public key in the means Certificate authority will check our certificate and they will sign our certificate. Private key is used for signing purpose. So in your server only knows that one. Clients have our public key. They used our public key and verified our signature. If they used wrong public key it will not verify. In the same way we will use their Public key and encrypt the data. They used their private key and decrypt the payload. If we used some wrong certificate then they can not decrypt. This is the logic behind.
Regards,
Prakasu.M
User | Count |
---|---|
93 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.