This document provides instructions for generating a Certificate Signing Request (CSR) for SAP Web Application Server. If you are unable to use these instructions for your server, DigiCert recommends that you contact SAP.
NOTE: To generate a CSR, you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match.
NOTE: You must generate an individual certificate request for each application server that uses a server-specific PSE. If you use a
system-wide SSL server PSE, then you only need to generate a single certificate request. To determine each unique SSL server PSE,
expand the SSL server PSE node in the trust manager and select each application server with a double-click. The server's Distinguished
Name appears in the Owner field. For each application server with a unique Distinguished Name, you must generate a certificate request.
To generate a Key Pair and Certificate Signing Request, perform the steps bellow:
For more information refer to SAP Support
Once the SSL certificate has been issued, follow the steps from this link to install it on the server: SO22368