on 07-31-2013 4:29 PM
Hello,
I am working with NW73, and setting up HTTPS. Following the instructions here:
http://help.sap.com/saphelp_nw73/helpdata/en/49/23501ebf5a1902e10000000a42189c/frameset.htm
I have created a certificate signing request.
I have self-signed this certificate with a root CA that I have created for my company (this is deployed so as to not get cert warnings when using self-signed)
When I go to import the certificate response, I get an error: "
The message no is TRUST057.
I understand that it cannot find the CA.
I feel like maybe I have not added the root CA correctly, since it cannot be found.
This is the procedure:
Store the issuer certificate in the database (menu function Certificate -> Export -> Database) and make sure that the certificate is not marked as inactive (menu function Certificate -> Database).
I'm confused about why i would be "exporting" and not importing. Anyway, what is the procedure for "storing the issuer certificate in the database"?
I have tried simply importing the root CA and it shows up in the certificate list for the SSL PSE, but I'm not sure this is correct, because the issue persists.
Thanks.
Thanks for the responses.
I read note 1468249 , and I attempted this before. (I did not post about it). When I do this, I do not get an error. But nothing actually happens. No positive response, not negative response. No certificates show up in the certificate list. It just seems to do nothing.
Samuli> I tried that, as I indicated in my original post. I get the error even with the root CA imported.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Samuli>
You are correct. I have never done this, so some of this is expectation management.
First, I did finally figure out how to get the root CA entered into the certificate database.
"Export" is a crazy word. But really, you "Import the certificate" onto the screen.
Then you "Export" it into the database. Once I did this, the certificate response was accepted.
Here's the thing I learned, and like I said: This is because I have never done this before.
When pasting the certificate response and accepting it there is NO feedback from the interface.
There is no success message, no screen change. Nothing happens to confirm it was accepted.
Once you save then you get a successful save message and this works.
I was doing this with my CA and the response in one file and it was working. But because of the lack of response from the screen, I did not know it was working.
So thanks for all the help and clarity. To make matters worse, I accidentally had icm/HTTPS/verify_client set to 2. oops.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Just import the root CA you used to sign the certificate request.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jason
Kindly go thru SAP notes
1468249 - STRUST: Error TRUST057 "CA certificate is missing on database". Import of certificate response not possible
Note 508307 - Trust Manager: Problems importing certificate responses
Thanks
Ram
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
89 | |
10 | |
9 | |
9 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.