cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP PI 7.31 - How to use ROOT certificate in HTTPS (SSL)

Go to solution
Former Member

on ‎02-21-2013 8:31 AM

0 Kudos

Hi Gurus,

I need to use certificate for HTTPS in PI 7.31. I was sent a new certificate "root_cert". I want to use this certificate in my https channels. I made next changes:

1. I imported the certificate into "TrustedCAs" keystore

2. I imported the certificate into "ICM_SSL_230241" keystore, which is used in SSL-configuration.

3. I restarted service icm and even PI server.

But when I try to use https in browser https://myserver:50201/, it gets another certificate, which was created before by basis administrator.

Please, help to solve the question.

Regards,

Vladimir

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

smavachee
Active Contributor
‎02-21-2013 9:19 AM
0 Kudos

Please check this conversation

It may help.!

Regards,

Sunil

Show replies
Show replies
Former Member
‎02-21-2013 10:09 AM
0 Kudos

Hi Vladimir,

As I understand you are trying to setup HTTPS security for your PI server where all external parties need to exchange this certificate for communication via HTTP.

I think the steps are to generate key pair, sign it from CA and import the response in keystore.

I am not sure but is it that you got signed key from CA for your PI server. I think you need to import it using import CSR response option.

Please check this link for details:

http://help.sap.com/saphelp_nwpi71/helpdata/de/f1/2de3be0382df45a398d3f9fb86a36a/frameset.htm

Regards,

Beena

Former Member
‎04-03-2013 7:11 AM
0 Kudos

Hi Beena,

You are right. We deleted old key pair and created a new key pair. Then our provider sign the key pair. And we began use ssl in http-requests.

Regards,

Vladimir

Answers (1)

Answers (1)

Former Member
‎02-21-2013 8:54 AM
0 Kudos

Hi Vladimir,

I am little confused. Are you trying to setup https on PI or you want to use third party's certificate in https receiver channel?

Regards,

Beena

Show replies
Show replies
Former Member
‎02-21-2013 9:04 AM
0 Kudos

Hi Beena,

I am tryoing to use third party's certificate in https receiver channel.

Regards,

Vladimir

Former Member
‎02-21-2013 9:11 AM
0 Kudos

Hi Vladimir,

If it is third party's certificate and they have changed it at their end, and provided new certificate to you,  then if you test from PI URL, you will not get that certificate. You will get the certificate generated for PI box there. (the one you are getting now)

Please check third party URL specified in channel to verify the certificate.

Regards,

Beena

Former Member
‎02-21-2013 9:50 AM
0 Kudos

Hi Beena,

This is new CA certificate and it was't changed last time. My purpose to use the certificate for all https sender channels. HTTPS-Senders of PI must accept this certificate and use it.

Regards,

Vladimir

Ask a Question