on 01-08-2015 4:02 PM
When trying to renew the cert for our SAProuter, I'm getting issues creating a CSR for use during Step 2 in the "Request Certificate for SAProuter". When I run the command sapgenpse get_pse –v –r certreq –p local.pse "your distinguished name” it only creates a local.pse for me and not a certreq file (I believe it's supposed to do both?). I believe the contents of the certreq file is what needs to be Copy & Pasted into the SAP Portal for the certificate to be generated, correct? If so, how can I get it since the file is not being created?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Are you logged on with the user which the pse was created?
Regards,
Rishi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Quick question;
Are you running the sapgenpse command from the directory where the saprouter and SAP Cryptographic files installed?
Follow this link : https://websmp104.sap-ag.de/saprouter-sncdoc
The command can be split into two. Try that and see if that helps.
Generate the certificate Request with the command:
sapgenpse get_pse -v -r certreq -p local.pse "<Distinguished Name>"
Example:
sapgenpse get_pse -v -r certreq -p local.pse "CN=example, OU=0000123456, OU=SAProuter, O=SAP, C=DE"
Alternatively use the two commands:
sapgenpse get_pse -v -noreq -p local.pse "<Distinguished Name>"
sapgenpse get_pse -v -onlyreq -r certreq -p local.pse
Cheers
RB
I think you're trying to combine two steps into one step. Read this document, I think this will help you out. http://scn.sap.com/community/netweaver-administrator/blog/2012/11/03/sap-router-certificate-renewal-...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Jordan,
I think you are deleting the files before running the command.
And running the command on saprouter folder.
Do you get all successsfull messages like below?
Creating PSE with format v2 (default)
Generating key (RSA, 2048-bits) ... succeeded.
certificate creation... ok
PSE update... ok
PKRoot... ok
Generating certificate request... ok.
Regards,
Yuksel AKCINAR
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.