SAP Sales Cloud Relationship Intelligence Setup- Generating Password Protected Self-Signed Certificate using open SSL
This series of blog posts provides a good overview of how to configure Relationship Intelligence which is now available with SAP Sales Cloud’s Intelligent Sales Add-on.
Currently, we only support integration with Office 365 hence this is a prerequisite for this solution.
Please make sure you refer to all these blogs for end-to-end setup.
- Setting up your Application and Distribution List/Group in the Azure portal
- Generating Password Protected Self-Signed Certificate using open SSL (This Blog)
- Setting up Relationship Intelligence in SAP Sales Cloud
This blog will provide you guidance on how to generate a password-protected self-signed certificate. This is required to authenticate the connection between Azure and the relationship intelligence application.
The following steps will be covered
- Install Open SSL
- Generate a Private Key
- Generate certificate (.crt format)
- Upload certificate (.crt) in Azure Portal
- Generate Certificate (.pks format)
- Upload Certificate (.pks) with password in SAP Sales Cloud
- The first step is to verify if you have open SSL installed in your system. To go to Terminal or command prompt and simply run “open SSL”. if it is available then it shall open. If it is not available then please refer to the Open SSL website for instructions to install it.
Check SSL Installation
2. Generate a private key.
a. Use the below command to generate the 2048-bit RSA private key
req –newkey rsa:2048 –keyout privatekey.key –out mycsr.csr
You shall be asked for a PEM Pass phrase which is required to protect the private key files.
Do remember or note this down you will be asked to confirm this again in subsequent steps.
Create Pass Phrase
b. once the PEM Pass Phrase is created, you will be asked a few questions for information that will be included in the private key. Try to answer as appropriately as possible. You don’t have to worry much about the accuracy since this is going to be a self-signed certificate and not signed by any authority.
Provide private key Information
c. After answering all the questions, you need to maintain a challenge password. Once you enter the password and press enter your private key would have been generated in the path specified while installing open SSL.
Private Key Generated
3. Generate Certificate
To Generate the certificate, please run the below command
x509 –req –days 365 –in mycsr.csr –signkey privatekey.key –out certificate.crt
The system will ask for the PEM Pass Phrase as a confirmation. Once entered the certificate will now be generated at the same path as earlier
Certificate generated path
4. This certificate (.crt) created from step 3, must be updated in the Azure portal under Manage-> Certificate and Secrets -> Upload certificate
5. Generate PKCS certificate file
Generate the pkcs certificate file run the below command
pkcs12 –export –out certificate.pfx –inkey privateKey.key –in certificate.crt
Enter the PEM Pass Phrase that you had created earlier
Next, the system will ask you to maintain the “Export password”.
Once maintained the certificate in .pfx format will be generated in the same path as earlier
Generating .pfx certificate
Certificate generated path
6. This certificate in .pfx format along with the “export password” you must maintain in the relationship intelligence configuration-> server connection
By following the above steps you can generate a password-protected self-signed certificate. This is sufficient for authenticating your application with relationship Intelligence. Please note this is just one of the ways to generate the certificate using Open SSL. Do check with your IT /security team if there are any recommended approaches and tools.
For details on how to complete the setup in Sales Cloud, refer to this blog post on Setting up Relationship Intelligence in SAP Sales Cloud
Please do share your feedback and thoughts in the comments related to this blog post