Ask a Question

Solution ID : SO3550

Last Modified : 05/02/2018

Generate key and CSR for SAP Business Connector

Problem

Generate key and CSR for SAP Business Connector
Request certificate for  for SAP Business Connector
Generate key
Request certificate
Request key and CSR

Solution

1 Start the Certificate Toolkit.

 

2 From the Certificate Toolkit menu, select Generate a private key and click Next.

 

3 From the Generate a Private Key screen, specify the following:

 

 

 

Key size A key size or accept the default of 1024. 2048 is more secure than 1024, but might slow processing. Use 1024 for ordinary transactions and 2048 for high-value transactions.

 

Algorithm The SAP BC Certificate Toolkit uses the RSA Public-Key algorithm.

 

Enter file name Name of the file that you want to hold the private key you are about to create. The default is CertToolkit.

 

Select a location for private key

 

The directory path of the file to which you want the toolkit to write your server's private key.

 

 

 

4 Click Next.

 

When the Certificate Toolkit has successfully generated the key, a dialog displays stating the key has been generated. Click OK.

 

The Create a Certificate Signing Request (CSR) including the Public Key screen displays. If you want to continue and create the CSR, follow the instructions under Generate the Certificate Signing Request below. If you do not want to create the request now, click Back to return to the Certificate Toolkit menu.

 

 

 

1 If it is not already started, start the Certificate Toolkit and select Generate a Certificate Signing Request (CSR) including Public Key. See Starting the Certificate Toolkit on page 12 for instructions.

 

2 Specify the following information.

 

 

 

For this parameter… Specify…

 

Key size A key size or accept the default of 1024. 2048 is more secure than 1024, but might slow processing. Use 1024 for ordinary transactions and 2048 for high-value transactions.

 

Algorithm The SAP BC Certificate Toolkit uses the RSA Public-Key algorithm.

 

Enter file name Name of the file that you want to hold the private key you are about to create. The default is CertToolkit.

 

Select a location for private key

 

The directory path of the file to which you want the toolkit to write your server's private key.

 

 

 

Note: Depending on your machine and the key size you selected, key generation can take several minutes.

 

 

 

Note: In the next step, the toolkit creates a public key from the private key just created.

 

 

 

Generating the Certificate Signing Request

 

 

 

Select the file that contains the private key

 

The directory path and file name of the file that contains the private key you created earlier.

 

Enter CSR file name The name of the file to which the Certificate Toolkit is to write the request. Later, you will send the information in this file to your CA.

 

The toolkit uses the PEM encoding format (creates header information that includes the version number and the

 

encryption algorithm used to encrypt the private key) and adds pem as the file extension. For example, if you specify

 

csrfile, the toolkit names the file csrfile.pem.

 

 

 

 

 

Select the file that contains the private key

 

The directory path and file name of the file that contains the private key you created earlier.

 

3 In the Server Information portion of the screen, specify the following information:

 

 

 

Host name Name of the host server on which the certificate will reside, for example, IntegrationServer.yourcompany.com.

 

Department Your department within your company or organization.

 

Organization Your company or organization.

 


CityCity in which your company is physically located.

 

StateState in which your company is physically located. For example, if your company is incorporated in Delaware but

 

located in California, specify California. This field is optional.

 

Country Country in which your company is physically located.

 

Contact E-Mail E-mail address of the person to receive the response from the CA.

 

Revocation Password A password you can give to your CA later if you decide to revoke your certificate. For example, if you think someone has stolen your private key, you must supply this password to your CA before they can revoke your certificate.

 

 

 

4 Click Next.

 

 

 

After the toolkit has successfully created your CSR, it displays a dialog to that effect.

 

Enter CSR file name The name of the file to which the Certificate Toolkit is to write the request. Later, you will send the information in this file to your CA.

 

The toolkit uses the PEM encoding format (creates header information that includes the version number and the

 

encryption algorithm used to encrypt the private key) and adds pem as the file extension. For example, if you specify

 

csrfile, the toolkit names the file csrfile.pem.

 

 

 

Note: The toolkit creates a public key from the private key you created earlier. The toolkit attaches the public key to the certificate Id information (name, organization, etc.) and sends it as part of the Certificate Signing Request.

 

 

 

Generating a Certificate Signing Request and Sending It to the Certificate Authority

 

5 Click OK.

 

6 Select Symantec or Entrust and click Go to CA website.

 

If you want to use a different CA, click Cancel to go back to the toolkit menu, then Exit to exit the toolkit. Use the method required by your CA to submit your CSR to them.