Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
1. Login to the SAP Service Marketplace with the Service Marketplace at using the USERID/PASSWORD which was assigned for your installation. 2. Change the alias to www.service.sap.com/swdc to downloaded the SAP cryptographic software. Select the correct SAPcrptographic software depending on your saprouter operating system as shown below.
3. You must have the sapcar.exe in order to extract the SAP cryptographic software file. 4. With the command of sapcar -xvf xxxxxxx.sar, /ntintel directory would be created and the following files would be extracted. (Example C:/saprouter/ntintel) ( when the Microsoft Windows NT Intel version is downloaded) C:/saprouter/ntintel/sapcrypto.dll C:/saprouter/ntintel/sapgenpse.exe
C:/saprouter/ticket
UNIX
<path_to_libsecude>/<name_of_sapcrypto_library>
7. You may now apply for a SAProuter certificate from the SAP Trust Center Service of SAP service marketplace http://service.sap.com/tcs > SAP Trust Center Service in Detail > SAProuter Certificates
Please refer to the example above -SAPRouter Name -Distinguished Name : JPL50020586 :
9. Execute the following command in the /saprouter/ntintel directory in order to generate your certificate to be exchanged with SAP. sapgenpse get_pse -v -r certreq -p local.pse "Distinguished Name"
Example sapgenpse get_pse v -r certreq -p local.pse "CN=JPL50020586, OU=0000036946, OU=SAProuter, O=SAP, C=DE"
Enter the PIN number. (you may enter any PIN Number you wish.)
10. The "certreq" file is created in the /saprouter/ntintel directory. 11. Use a notepad to open the "certreq" file and copy the displayed information (From the -BEGIN .to the END -) 12. You now have to paste the above copy content into the space provided shown below. After you have pasted the text, click the Request certificate button to submit your request.
13. Once you click on the Request Certificate a new screen will be displaying your certificate issued by SAP CA (Certification Authority). 14. Using a notepad to copy the content (From Being to -END) and save it as srcert into /saprouter/ntintel/srcert. * Note : - Please rename srcert.txt into srcert without any extension. 15. You then need to import this certificate into SAProuter using the following command. Please run on /saprouter/ntintel directory. sapgenpse import_own_cert -c srcert -p local.pse Please enter PIN : (same as point 9)
16.
17.
Execute this command in /saprouter/ntintel directory. sapgenpse get_my_name -v -n Issuer The result should be "CN=SAProuter CA, OU=SAProuter, O=SAP, C=DE". 18. When the above results are not obtained , please delete local.pse and cred_v2 and work again from steps 9. Please seek the assistance from your local SAP helpdesk or create an OSS message via component XX-SER-NET-OSS, if you are not able to obtain the above-mentioned result after you have repeated the above steps.
# SNC-connection from SAP to local R/3-System for NetMeeting, if it is needed KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" <R/3-Server> 1503 # SNC-connection from SAP to local R/3-System for saptelnet, if it is needed KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" <R/3-Server> 23 # Access from the local Network to SAPNet - R/3 Frontend (OSS) P <IP-addess of a local PC> 194.39.131.34 3299 # deny all other connections D***
Start the SAProuter with the following command. Saprouter -r -S <port> -K "p: <Your Distingiushed Name>" -K tells the saprouter to start with loading the SNC library. Example: saprouter -r -S 3299 K "p:CN=JPL50020586, OU=0000036946, OU=SAProuter, O=SAP, C=DE"
Additional Note -You may refer to SAP note: 30289 in the SAP service marketplace for
detail information with regards to SAProuter http://www.service.sap.com/note