Skip to Content
Author's profile photo Cristiano Hansen

How to create the CSR and how to import the certificate response?

The process of creating a certificate request (CSR) and import the certificate response, received from the CA, is not always simple as it looks like. The objective here is to make life easier using the principle: “a picture is worth a thousand words”.


How to create the CSR?

The first step is double click on the web application server name:

CSR1.png


Now click on the “Create Certificate Request” button:

CSR2.png


Now it is possible to submit the CSR to any CA:

CSR3.png



How to import the certificate response?

Once response from the CA arrived, it is possible to import the certificate response. Just click on the “Import Cert. Response” button, available in the “Own Certificate” section:

Import1.png


It is necessary to paste the certificate response along with the intermediate and the root certificate – there can be no, one or more intermediate certificates.

In this example, there is only the root certificate that is appended to the end of block.

Finally, click on the green ticket:

Import2.png


Note that now there is no “(Self-Signed)” message bellow the DN of the certificate (see green rectangle). Now save the PSE (see arrow):

Import3.png


The ICM processes need to be restarted, if the release is lower than 7.02 (details in SAP note 510007):

Import4.png


By double clicking the DN of the certificate, it is possible to have more information about it:

Import5.png

In higher releases, you will also find the Algorithm, the Key Length and SAN information.



The ICM should be restarted (again, if the release is lower than 7.02) via transaction code SMICM (confirm the restart of the ICM processes):


Import6.png

Assigned tags

      6 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Vladimir Demakov
      Vladimir Demakov

      Thank you! Very helpful!

      Author's profile photo Juan-Carlos Garcia-Garavito
      Juan-Carlos Garcia-Garavito

      Thanks, although it would be better if the information is more complete.  Just an example:  You mention "Create Certificate Request", but what type of algorithm to use?  PSE or SHA?  but if SHA, then which type 1, 224, 256, 512?  A little more elaboration would be good or to point to specific links where that is explained better.  There are tons of notes and blogs about this, but so far not one that explains a step by step set of activities.

      Author's profile photo Cristiano Hansen
      Cristiano Hansen
      Blog Post Author

      Hi Juan-Carlos,

      I will create a more comprehensive blog, with detailed steps.

      As soon as it is ready, I'll reply to you again.

      Kind regards,

      Cris

      Author's profile photo Aditya Sehrawat
      Aditya Sehrawat

      Hi Christano,

       

      Is it ready ? please share the link if ready.

       

      Regards,

      Aditya

      SAP Basis

      Author's profile photo Badalott .
      Badalott .

      Hi Juan Carlos,

      feel free to provide info to improve this wonderful hints provided by Cristiano.

      I haven't found any document warning about this issue: "It is necessary to paste the certificate response along with the intermediate and the root certificate – there can be no, one or more intermediate certificates."

      And, it is, indeed,  very helpful.

       

      Thanks a lot, Cristiano.

       

      Author's profile photo Srikanth Rajagopalan
      Srikanth Rajagopalan

      Thank you Cristiano--this is very helpful.  As you said, it is slightly outdated (almost five years) so i will upload a newer version and give you due credit.  Thank you again!

       

      Raja