Enterprise Resource Planning Blogs by Members
Gain new perspectives and knowledge about enterprise resource planning in blog posts from community members. Share your own comments and ERP insights today!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Renewal of SAP Router Certificate

former_member596653
Explorer
‎01-07-2019 7:52 AM

Introduction-


Here in this Blog i would like to explain the complete process on How to renew SAP Router Certificate.

Main Activity


Renewing SAP Router Certificate.

 

About SAP Router


It acts as a proxy in a network connection between SAP systems, or between SAP systems and external networks. A standalone SAP program that protects your SAP network against unauthorized access .

Procedure for Renewing SAP Router


Stop Router Service.



  • Login to SAP Router Server and stop Router service.






 

Take backup of SAPROUTER files from OS level.



  • Take a backup of file in usr/sap/saprouter : Cred_v2, srcert, certreq, local.pse


Also you can take a copy of SAPRouter folder


Generating the certificate.



  • Run the following command –


“sapgenpse get_pse -v -r certreq1 -p local.pse”

to generate a certificate in OS level.



  • Enter the new PIN for PSE file two times – ******




  • Now it will ask to provide your Distinguished Name. Give DSN and press Enter.


CN=*********, OU=0000123456, OU=SAProuter, O=SAP, C=DE



  • It will create a new Certificate file “certreq” in the sap router file system.

  • Open the file ‘certreq’ and copy the content or code from that file.






  • Open Support portal and navigate to SAP Router page where your Router is configured and click on Submit CSR




 

  • Paste the copied data from here as shown below and hit on Request Certificate.




  • Copy the generated response.




  • Paste it in “srcert” file and save.




  • Now run the following command and give the PSE Pin :– ********


sapgenpse.exe import_own_cert -c srcert -p local.pse

This command will import the response that copied into “srcert” file.





  • Now run the following command to create a file “cred_v2”.


sapgenpse seclogin -p local.pse -O <saprouter user>

sapgenpse seclogin -p local.pse -O Administrator





  • Verification of the Router can be done by running following command.



sapgenpse get_my_name -v -n Issuer





 

Start SAP Router service




 

Post Verification checks.


 

Validation check in Support Portal



SAPRouter Status check



  • Run the command whether the Router is running or not.


Saprouter -l


SAPRouter Validity check



  • SAP Router Certificate Validity


sapgenpse get_my_name -n validity



 

Conclusion


This is the complete process of renewing SAP Router Certificate. Feel free to post any comments or queries related to this topic.
13 Comments
Labels in this area
Popular Blog Posts