Skip to Content

How to create the CSR and how to import the certificate response?

The process of creating a certificate request (CSR) and import the certificate response, received from the CA, is not always simple as it looks like. The objective here is to make life easier using the principle: “a picture is worth a thousand words”.


How to create the CSR?

The first step is double click on the web application server name:

CSR1.png


Now click on the “Create Certificate Request” button:

CSR2.png


Now it is possible to submit the CSR to any CA:

CSR3.png



How to import the certificate response?

Once response from the CA arrived, it is possible to import the certificate response. Just click on the “Import Cert. Response” button, available in the “Own Certificate” section:

Import1.png


It is necessary to paste the certificate response along with the intermediate and the root certificate – there can be no, one or more intermediate certificates.

In this example, there is only the root certificate that is appended to the end of block.

Finally, click on the green ticket:

Import2.png


Note that now there is no “(Self-Signed)” message bellow the DN of the certificate (see green rectangle). Now save the PSE (see arrow):

Import3.png


The ICM processes need to be restarted, if the release is lower than 7.02 (details in SAP note 510007):

Import4.png


By double clicking the DN of the certificate, it is possible to have more information about it:

Import5.png

In higher releases, you will also find the Algorithm, the Key Length and SAN information.



The ICM should be restarted (again, if the release is lower than 7.02) via transaction code SMICM (confirm the restart of the ICM processes):


Import6.png

5 Comments
You must be Logged on to comment or reply to a post.
  • Thanks, although it would be better if the information is more complete.  Just an example:  You mention “Create Certificate Request”, but what type of algorithm to use?  PSE or SHA?  but if SHA, then which type 1, 224, 256, 512?  A little more elaboration would be good or to point to specific links where that is explained better.  There are tons of notes and blogs about this, but so far not one that explains a step by step set of activities.

  • Hi Juan Carlos,

    feel free to provide info to improve this wonderful hints provided by Cristiano.

    I haven’t found any document warning about this issue: “It is necessary to paste the certificate response along with the intermediate and the root certificate – there can be no, one or more intermediate certificates.”

    And, it is, indeed,  very helpful.

     

    Thanks a lot, Cristiano.

     

  • Thank you Cristiano–this is very helpful.  As you said, it is slightly outdated (almost five years) so i will upload a newer version and give you due credit.  Thank you again!

     

    Raja