The process of creating a certificate request (CSR) and import the certificate response, received from the CA, is not always simple as it looks like. The objective here is to make life easier using the principle: “a picture is worth a thousand words”.
How to create the CSR?
The first step is double click on the web application server name:
Now click on the “Create Certificate Request” button:
Now it is possible to submit the CSR to any CA:
How to import the certificate response?
Once response from the CA arrived, it is possible to import the certificate response. Just click on the “Import Cert. Response” button, available in the “Own Certificate” section:
It is necessary to paste the certificate response along with the intermediate and the root certificate – there can be no, one or more intermediate certificates.
In this example, there is only the root certificate that is appended to the end of block.
Finally, click on the green ticket:
Note that now there is no “(Self-Signed)” message bellow the DN of the certificate (see green rectangle). Now save the PSE (see arrow):
The ICM processes need to be restarted, if the release is lower than 7.02 (details in SAP note 510007):
By double clicking the DN of the certificate, it is possible to have more information about it:
In higher releases, you will also find the Algorithm, the Key Length and SAN information.
The ICM should be restarted (again, if the release is lower than 7.02) via transaction code SMICM (confirm the restart of the ICM processes):