Skip to Content

One of the things that has been coming up more often is SSL communication.  We have been dealing with third party companies and internal departments requiring communication via SSL. 

A couple of things to remember when trying to get SSL working.

  1. Ensure that the SSL certificate you are importing has the full certificate chain contained inside of it.  If it does not you can go to the public CA and import their certificates in order to get the certificate working.
    1. If you get an error similar to the follow in Windows, you need to get the CA Root cert installed before you will be able to use the cert in PI.
    2. Untitled picture7.png
  2. For FTPs PI 7.1 can only use Explicit Encryption! You will need to work with your third party vendor to have their FTPs server setup to use Implicit Encryption for your connection.

I put together the below document for our Basis team on adding certificates to PI.

  • Log into NWA
  • Go to Configuration Management -> Security -> Certificates and Keys
  • Untitled picture.png
  • Select the TrustedCAs, then click import entry.
  • Untitled picture2.png
  • Select the certificate type
  • Untitled picture3.png
  • Browse out to the certificate and click import
    • If the certificate does not have the fully chain in it and it’s a public cert, grab a cert for the CA and install it as well
  • Public CA for IndustrySafe
  • Untitled picture4.png
  • Industry safe cert
  • Untitled picture5.png
  • In the below section you can check to see if the certificate was imported successfully.
  • Untitled picture6.png
To report this post you need to login first.

3 Comments

You must be Logged on to comment or reply to a post.

  1. SAP Basis - Ketan Chokshi - Wipro Technologies

    Hi Tony,

    Thanks for the documentation, we have a vendor who is using self signed certificate and wants us to import their certificate into our PI system. Which certificate should I import (Base/Intermitent/Root) into my system.

    Also as mentioned in you document import the full certificate chain contained inside of it.“,

    so what exactly you mean by “full certificate chain contained inside of it.“.

    1 more thing is, can we make this certificate available in communication channel in Integration builder. I believe only private keys are visible in communication channel.


    Regards,

    Manish

    (0) 

Leave a Reply