cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Digital Signature queries

Go to solution
Former Member

on ‎05-12-2009 6:34 AM

0 Kudos

Hello All,

I am trying to do a POC for Digital signatures , I have gone through the below blog and sap help ,but still I feel require some clarifications

/people/varadharajan.krishnasamy/blog/2007/05/11/how-to-use-digital-certificates-for-signing-encrypting-messages-in-xi

1. I have followed the blog and created a digital certificate and got test certification by SAP using the link provided ,but what is the need to import the same into VA?

2. its indicating there in SAP Screen that the key is public key, then from where we will get private key?

3. How to distribute/load the public key for verifying the signature in outlook(in this case as mail will be triggered from PI)

Appreciate your replies

Rajesh

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member200962
Active Contributor
‎05-12-2009 6:48 AM
0 Kudos 
1. I have followed the blog and created a digital certificate and got test certification by SAP 
using the link provided ,but what is the need to import the same into VA?

certificate is imported to indiacte that the sender is a trusted source and the assertion tickets issued by it are supposed to be accepted...

Show replies
Show replies

Answers (1)

Answers (1)

Former Member
‎05-12-2009 1:26 PM
0 Kudos

Did anyone knows how to send the public key to users/application after generating key and getting certified from SAP/CA..

Appreciate your replies

Rajesh

Show replies
Show replies
Former Member
‎05-12-2009 2:26 PM
0 Kudos

Hi,

In Visual Admin select your public key and export the it .crt format and send it.Before that SAP/CA

response you need to import in your Visual Admin.

Regards,

Prakasu.M

Former Member
‎05-12-2009 2:30 PM
0 Kudos

I have generated the key and imported it into local file as mentioned in the blog

do i need to import the same into VA you mean?

also can you provide the path for importing the public key ...

Thanks in Advance

Rajesh

Former Member
‎05-12-2009 2:37 PM
0 Kudos

Hi,

There is 2 way to generate the certificate. one is self signed another one third party signed. The blog mentioned these 2ways. You should go for any one. Self signed or third party signed. If self signed public key there is no need of generating csr request. Just u2018mark u2018 store certificate. Public key generated in Visual Admin with u2018cert u2018 extension. Now you clear.

Regards,

Prakasu.M

Former Member
‎05-12-2009 2:43 PM
0 Kudos

Thanks for your replies..

Still not clear..

Will the generated key contains both public and private keys or only public key or only private key???

if contains both how do i distribute the public key to users?

If only public key then how /where the private key comes from ?

If only private key then how do I get public key for distribution ?

if VA going to store the public key (.crt) what is the path from where I can get the public key file

Appreciate your replies

Rajesh

Former Member
‎05-12-2009 2:56 PM
0 Kudos

Hi,

Normally In visual admin private key will generate. If you u2018marku2019 the store certificate then u2018-certu2019 extension self signed public key also generated. This is one of the way.

Second one is ,If you need a third party sign in your public key then unmark the store certificate. That time private key generates. Select that key and you have a tag generate csr request. Generate the request and send to third party for sign. After that import the response in visual admin. That time you will get a third party signed public key.

You choose any one way to create a public key. Now you need to select the u2013cert extension public key and export. You should share this key only to your clients.

Regards,

Prakasu.M

Former Member
‎05-12-2009 3:05 PM
0 Kudos 
Second one is ,If you need a third party sign in your public key then unmark the store certificate. That time private key generates. Select that key and you have a tag generate csr request. Generate the request and send to third party for sign. After  that import the response in visual admin. That time you will get a third party signed public key.

When we have a private key in VA ,why do we need to import the public key again even though it is third party singed as only private key is used in PI (in case of server mode..) Am i right?

Rajesh

Former Member
‎05-12-2009 4:54 PM
0 Kudos

Hi,

Private key is Secret key.we should not share our private keys. Public key only always shared with clients. Third party signed Public key in the means Certificate authority will check our certificate and they will sign our certificate. Private key is used for signing purpose. So in your server only knows that one. Clients have our public key. They used our public key and verified our signature. If they used wrong public key it will not verify. In the same way we will use their Public key and encrypt the data. They used their private key and decrypt the payload. If we used some wrong certificate then they can not decrypt. This is the logic behind.

Regards,

Prakasu.M

Ask a Question