on 04-19-2015 9:45 PM
Hi,
I need to create in AS ABAP and AS JAVA valid SSL certificates with "RSA with SHA-256" signing algorithm and 2048 bit encryption. In AS ABAP in transaction STRUSTSSO2 I'm able to choose "RSA with SHA-256" and "2048 bit" encryption, but the certificate information shows "RSA with SHA-1". In AS JAVA I'm able to set the encryption to "2048" by typing it manually in the field but there is no way to set the algorythm to "RSA with SHA-256". SAP Kernel 7.21 EXT Patch 402 and SAP Cryptolib 8434 are already installed.
Any ideas?
Thanks
Patrick
Hello Patrick,
Check the following SAP notes
1739681 - Kernel: Support creation of RSA-PSEs with SHA-256
1689776 - SAPCRYPTOLIB 555pl34: bugfixes, AES-NI support
Regards,
Siddhesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Patrick,
Found another note:
1856192 - Support creation of RSA PSEs > 2048bit out of STRUST
Regards,
Siddhesh
Hello Siddhesh,
many thanks. It looks like the information shown in STRUSTSSO2 is not right. The certificate ist RSA with SHA-256 and 2048 bit. The problem ist the Java stack. There is no option for "SHA-256".
Do you have any informations about generating a csr without opensl or sapgenpse in visual admin?
Regards,
Patrick
Hello Patrick,
My honest answer would be that I don't know how its decided. But I think, it could be down to Cipher Suites defined for your SSL Service provider.
I got this clue from the blog:
Have a look at the following link:
Try changing the priority of the Cipher suites in SSL Provider and let everyone know if it works.
Also,
Steps using Visual Admin are found here
Regards,
Siddhesh
Hi All,
Although the java stack does support certificates with SHA-256, it just can't create certificates with this algorithm.
However it's possible to create to import a keypair generated in some other way, e.g openssl, sapgenpse with the algorithm desired and then import it into the key staorage of the java system.
Kind regards,
Cathal
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
88 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.