cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSL Issue

Go to solution
Former Member

on ‎07-11-2011 10:56 AM

0 Kudos

Dear,

Our CRM System SSL Certificate renewal Request rose to SAP but we got replay stating that u201Ckey length isn't in accordance with the new minimum key length of 2048 Bitsu201D.

SAP Recommended to implement SAP Note: 509495 Trust manager: Generating PSEs with a key length > 512 bits

According to note just we need to change below parameters and recreate and generate PSE , If I am not wrong

sec/rsakeylengthdefault  2048

sec/dsakeylengthdefault  1024

Kindly suggest

Reagards,

Kumar

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎07-25-2011 12:45 PM
0 Kudos

Hi:

The link below shows the detailed procedure,

http://help.sap.com/erp2005_ehp_03/helpdata/EN

/f1/2de3be0382df45a398d3f9fb86a36a/frameset.htm

Regards

Derek

Show replies
Show replies

Answers (2)

Answers (2)

Former Member
‎07-11-2011 12:57 PM
0 Kudos

Hi,

When using STRUST, re create a new SSL server certificate and choose 2048 as key length.

There is no need to change system parameters and to restart the system...

Regards,

Olivier

Show replies
Show replies
Former Member
‎07-11-2011 1:25 PM
0 Kudos

re create a new SSL server certificate and choose 2048 as key length

Can you please suggest steps for recreation for NEW SSL Server certificate ..

Regards,

Kumar

Former Member
‎07-11-2011 1:33 PM
0 Kudos

Hi,

For steps:

Go to STRUST and on the left hand pane, select the PSE type (ex. system pse) to be recreated and right click and select recreate (or similar option, i dnt remember exact word)..

This will recreate the PSE.

Regards,

Shitij

Former Member
‎07-11-2011 2:10 PM
0 Kudos

STRUSTSSO2 --> System PSE or SSL Server --> Right Click --> Check, Distibute, Replace and Delete.

Right click on System PSE or SSL Server it represents all servers, is it possible to select individual ones then recreate?

Please suggest for recreate do i need to select Replace ? and System PSE or SSL Server?

Kindly suggest,

Appreciated your inputs.

Regards,

Kumar

Former Member
‎07-11-2011 5:13 PM
0 Kudos

Try to understand what you want to achieve and the answer will come by itself...

Former Member
‎07-15-2011 10:03 AM
0 Kudos

As we received SSL Server Certificate for an SAP Web Application Server for CI and App's from SAP.

i just want to know the procedure on how to renew SSL Certificates.

As i know the process by STRUSTSSO2 Transaction and import it but our CRM System is dual stack.

Appreciate your inputs,

former_member185031
Active Contributor
‎07-11-2011 11:51 AM
0 Kudos

Yes. Change the parameter and bounce the SAP to make it effective.

Regards,

Subhash

Show replies
Show replies
Former Member
‎07-11-2011 12:16 PM
0 Kudos

Subhash,

Does it required bounce because Dynamically Switchable Parameters.

Kindly suggest

former_member185031
Active Contributor
‎07-11-2011 12:31 PM
0 Kudos

If it is dynamic then no need to bounce, but whenever you will bounce it will be roll back and you will have problem with PSE. So change it on RZ10 and bounce the system.

Regards,

Subhash

Ask a Question