Skip to Content

I’m continuing with my blog series on testing tools. This blog post focusing on testing a SFTP connection using certificate authentication using my favorite windows tool, WinSCP. This is a windows tool and can be downloaded from h http://winscp.net/eng/index.php

Its always a good idea to be able to test any connection you need to use for an integration prior to any development starting. From my perspective communications problems are always the most difficult of issues to resolve. You not only have your networking teams to deal with but also those of the partner you are connecting to. Factor in some outsourcing or third party hosting and it can take quite a while to resolve any issue. So, the moral of this story is that if you are able to test the connection first then do it.

So lets look at the basic settings first.

14-09-2015 11-37-46.jpg

For the specific site enter the following


Select the connection type first. In this case SFTP

Host/IP: Enter the address

Port: Enter port provided, usually 22 but always double check

Username: Username supplied by vendor, which may not be required

Private key: Reference your private key (the vendor should have installed your public key on their server)

Password: Enter the password (if provided)


Now click on Proxy

14-09-2015 11-38-50.jpg


In my organisation we are using a proxy to connect to the vendor. The configuration has a very specific Proxy Type and Port. make sure you validate this with your technical team. Also important to note is that some vendors will restrict access to their services based upon the source address (your source address). If you are going through a proxy then the source address will be your proxy and not your PO/PI system. This is important to note. Your Basis or Networking team will be able to provide this information.


Proxy type: SOCKS5

Proxy Host: xxxxxxxxx

Port: nnn

Now click on Save. Test the connection by selecting ‘Logon’. If successful you will be able to see the SFTP’s server’s directory. Please note that the log file entries shown below may differ to those you see. Some of the messages are dependant on a specific configurations or SFTP server software used.


14-09-2015 11-40-56.jpg

OK, now the private key I am using came from my PO keystore. However, if I export it and then try to use it in WinSCP it complains so we have a little more work to do.


  • Export private key from NWA making note of password.

14-09-2015 11-47-51.jpg


  • Copy the exported SAP NW PO Key file to the openSSH bin directory


  • Open a command line and change the directory to the openSSH and run the following command replacing inputfilename with the name of the SAP NW PO keyfile


  • openssl pkcs12 -in inputfilename -nocerts -nodes | openssl rsa > id_rsa


  • You will be prompted for the password you entered when exporting the key and then the RSA key will be output


14-09-2015 11-51-35.jpg

  • Open puttyGen (installed as part of WinSCP)

14-09-2015 11-52-59.jpg


  • Import the rsa_id file you created (this is the private key)

14-09-2015 11-53-32.jpg


  • Save the private key (PPK format)

14-09-2015 11-53-55.jpg

  • Save the key and use it in WinSCP making sure you delete the rsa_id and SAP NW PO key files.

Blogs in Series

Blog 1: HTTP Post Testing: Test Tools…Part 1 *HTTP *

Blog 2: SFTP Testing: Test Tools…Part 2 * SFTP *

Blog 3: REST  Testing: Test Tools…Part 3 * REST *

Blog 4: SOAP Testing: Test Tools…Part 4 * SOAP *

Blog 5: SOAP Testing: Test Tools…Part 5 * JMeter *


To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply