
Encryption / Decryption certificates: who?

Former Member
0 Kudos

Hi,

I'm studying the doc "How to Configure Message Level Security in SAP Exchange Infrastructure 7.0" in order to manage decryption with a Sender Communication Channel, and I have one question about certificates...

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba68...

My flow is easier than the one in this doc; it's without PCK. So I have just "Third party --> XI", and if I understood correctly we have:

¤ Third party uses a public key to encrypt the message content.

¤ XI uses a private key to decrypt the message content.

But... who provides the certificates to be used for the public and private keys: is it the Third Party (so not me!) or XI (so me!)?

Any feedback is welcome.

Mickael

Accepted Solutions (0)

Answers (1)

Shabarish_Nair
Active Contributor
0 Kudos

The certificates are obtained by a third party or a Certificate Authority.

You might be interested in reading this:

http://help.sap.com/saphelp_nw04s/helpdata/en/40/8a0b37e44d7c2fe10000009b38f889/frameset.htm

Former Member
0 Kudos

Hi Shabarish,

Yes, that will help me to understand the subject...

But usually who provides the certificate? The Sender? The Receiver?

Or does it depend, because there is no rule?

Thanks

Mickael

ravi_raman2
Active Contributor
0 Kudos

Michael,

The industry standard for this is that the sender will provide the certificate, as only then can he sign the certificate with his private key in the certificate, which you will decrypt with his public key in the certificate that he has provided you.

Hope that helps

Regards

Ravi Raman

Former Member
0 Kudos

Hi Ravi,

It seems you say the opposite of SAP about the private/public key to decrypt the message.

Who is right?

Mickael

ravi_raman2
Active Contributor
0 Kudos

Michael,

http://en.wikipedia.org/wiki/Digital_signature

A digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a handwritten signature on paper. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the "digital signature."

Hope that helps

Regards

Ravi Raman

Former Member
0 Kudos

Thanks both.
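
The two key roles discussed in this thread (encrypting to the receiver, signing as the sender), shown side by side as an added example that is not part of the original posts or of any SAP documentation. It assumes textbook RSA without padding over fixed Mersenne primes, which is insecure and only illustrates who holds which key; all function names and the sample payload are constructed for illustration.

```python
# Textbook RSA with fixed primes: illustrates key ownership only, not secure.
import hashlib

E = 65537  # common public exponent

def keypair(p, q):
    """Return (public, private) as ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def apply_key(key, value):
    """Raw RSA operation with the given key."""
    n, exp = key
    return pow(value, exp, n)

def digest(msg, n):
    """SHA-256 of the message, reduced into the signer's modulus."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

# Each party generates its own key pair and hands out only the public half
# (in practice wrapped in a certificate). Primes are assumptions for the demo.
SENDER_PUB, SENDER_PRIV = keypair(2**61 - 1, 2**89 - 1)        # third party
RECEIVER_PUB, RECEIVER_PRIV = keypair(2**107 - 1, 2**127 - 1)  # XI

def sender_protect(msg):
    """Sender: encrypt with the RECEIVER's public key, sign with OWN private key."""
    cipher = apply_key(RECEIVER_PUB, int.from_bytes(msg, "big"))
    signature = apply_key(SENDER_PRIV, digest(msg, SENDER_PRIV[0]))
    return cipher, signature

def receiver_open(cipher, signature):
    """Receiver: decrypt with OWN private key, verify with the SENDER's public key."""
    m = apply_key(RECEIVER_PRIV, cipher)
    msg = m.to_bytes((m.bit_length() + 7) // 8, "big")
    ok = apply_key(SENDER_PUB, signature) == digest(msg, SENDER_PUB[0])
    return msg, ok

if __name__ == "__main__":
    c, s = sender_protect(b"order=4711")   # constructed sample payload
    print(receiver_open(c, s))             # plaintext and signature status
    print(receiver_open(c, s + 1)[1])      # altered signature is rejected
```

For encryption the certificate travels from the decrypting party to the sender; for signatures it travels from the signing party to the verifier.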