on 01-24-2015 3:11 PM
Hi All,
I have a query related to certificates which needs to be installed in the devices.
I am working with Service Manager 4.1 application and SMP 3.0 platform. We have installed the SMP certificate in the devices .
My question is do we need to generate and install the SSL certificate separately ?
If yes please guide me how to generate a CSR for SSL in smp3.0
I have got this link SyBooks Online
Please guide if this is enough or any additional setting is required.
Thanks a lot in advance.
Thanks and Regards
Neha Mahanty
Neha,
The Agentry clients need to be able to validate the certificate presented by the SMP 3 server. This means one of three things:
Which route you pick will depend on your internal security policies and practices.
Remember for options 2 and 3 you will need to install the new certificate to the SMP 3 keystore.
--Bill
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks everyone .
The client needs a separate SSL certificate . hence I followed the document mentioned by Kiran - http://scn.sap.com/docs/DOC-57367
The prerequisites mentioned in the document is SMP 3.0 SP04 . However I have SMP 3.0 SP03
When I am executing the command
keytool.exe -certreq -keyalg RSA -alias smp_crt -file Syclo.csr -keystore D:\SAP\MobilePlatform3\Server\configuration\smp_keystore.jks -storepass empass12
keytool.exe -certreq -keyalg RSA -alias smp_crt -file pvs9097.csr -keystore D:\SAP\MobilePlatform3\Server\configuration\smp_keystore.jks -storepass empass12
I am getting this error
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
Can anyone please guide what can be the possible issue and how this can be solved.
Thanks
Neha
Hi Neha,
I don't think you need a separate SSL certificate to be installed in the device unless your client asks for self signed certificate or any custom certificate.
P. S. :- In case of standard(default) certificate smp_crt.cer(can be found in configuration folder of the SMP server) needs to be installed in your device as a trusted certificate.
Thanks,
Sudhir.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Neha,
Self-signed certificate is generated during the installation. However, you could generate CSR using keytool. Once you generate the CSR, sign it with your internal CA and then import your root and signed certificate to your keystore.
You could refer to SSL Preparation section (Page 31 onwards, scenario2):
http://scn.sap.com/docs/DOC-57367
Regards,
Kiran
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
24 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.