Usamos cookies propias y de terceros (Google Analytics). No las usamos para incluir publicidad. Si continúa navegando, acepta su instalación y uso.  Aceptar

Using the same SSL Certificate for two SAP systems in the same box
Blog /


In order to use https protocol (http SSL encrypted), beyond downloading and installing sapcrypto library and activating https using parameters we need a proper SSL certificate. In ABAP stack we create SSL cert through TA STRUSTSSO2 (It uses “sapgenpse” kernel program which belongs to SAPCRYPTO package).


In our scenario, ABAP and Java System are installed in the same host, then it makes sense to use the same SSL cert (Since CN usually is CN=<hostname>.<domain>). Please see picture below. 


How to use the same SSL Cert?


Once we have already got our SSL Cert in ABAP, we should connect to the server as <sid>adm (In our case ab1adm) and use sapgenpse at OS level:


1. Connect to server (as user ab1adm)

2. setenv SECUDIR /usr/sap/AB1/DVEBMGS00/sec

3. cd /usr/sap/DE2/DVEBMGS10/sec

4. sapgenpse export_p12 –x –z –p SAPSSLS.pse ServerSSL.p12 (be aware about your pse file generated for SSL)

5. Enter any password (Later it will be used in the import) 


After following the above steps we have generated a file ServerSSL.p12 (Which contains private key, PKCS #12 is one of the family of standards called Public-Key Cryptography Standards (PKCS) published by RSA Laboratories.)


We follow with importing PKCS#12 file in AS Java using SAP Netweaver Administrator (In our scenario JA1)


1. Connect to SAP Netweaver Administrator


2. Go to Configuration --> Certificates and keys.

3. Use ICM_SSL_XXXXX in the key Storage View and below press button “Import Entry”.

4. Enter type PKCS#12, path to the file and password used before

5. It appears PRIVATE KEY 

6. Finally we have to export X509 SSL Certificate from ABAP and import in the same view as p12 file but using X509 type.

7. Restart AS Java


Using the same SSL certificate for two SAP systems in the same box (pdf 184Kb)