04-10-2015 10:16 AM
Hi guys,
I am trying to generate a certificate for signing the URL for the Archivelink interface.
The documentation stated that the public exponent has to be equal to (2^16)+1.
Does anybody know how important that condition is? The reason I am asking is that it is easy to create an RSA key with a given exponent but it is either not possible or not that simple in case of DSA key.
I haven't explored all the possibilities for this but my preliminary attempts at it were producing invalid keys that failed during signing or verification.
Is it a requirement that the 'y' value (public key exponent) of DSA parameters must be equal to 2^16 + 1, and if so are there any inputs for the other DSA parameters like 'p', 'q', and 'g'?
kind regards
04-12-2015 12:43 PM
Hi,
it seems to me that the documentation is misleading. There is no parameter in DSA called public exponent. I believe that 2^16 + 1 is a prime number so I guess that they are talking about parameter q. You could verify this generating a private key in Archivelink and exporting it. Inspecting the file should give you an answer for your question. Anyway, seeing key length 1024 and MD5 does not radiate confidence.
Cheers
04-12-2015 12:43 PM
Hi,
it seems to me that the documentation is misleading. There is no parameter in DSA called public exponent. I believe that 2^16 + 1 is a prime number so I guess that they are talking about parameter q. You could verify this generating a private key in Archivelink and exporting it. Inspecting the file should give you an answer for your question. Anyway, seeing key length 1024 and MD5 does not radiate confidence.
Cheers
04-13-2015 9:58 AM
Hi,
thanks for your answer.
I am trying to export the private key in SAP GUI. Can you please explain how I can export the private key? I found the transaction STRUST, but didn't see any possibility to export the key.
Cheers
04-14-2015 6:57 AM
I do not have access to any system at the moment but if you see a cert that is used for signing by Archivelink then you should be able to export it from STRUST. Please check SAP doco.
Cheers
04-15-2015 9:09 AM
This procedure explains how to selet a certificate:
Selecting Certificates - System Security - SAP Library
After selecting you can export it. The following procedure explains how to import a certificate, select it, and export it to the database, for example:
Adding a Certificate to the Database - System Security - SAP Library
04-15-2015 2:51 PM
Thanks, I managed to export the certificate.
I am trying to extract some information from the certificate.