on 07-08-2023 8:32 PM
In CPI, we have the option to create Keypair and SSH certificates in Keystore. Could anyone help us in understanding what is the need of creating the certificates & where can we use that (If you could help with sample scenarios).
I have worked with scenarios where we add the certificates but not sure about the scenarios where we have to create them.
Thanks in advance
Hi mounikaravilla -
In SAP Integration Suite, the "Create Keypair" feature allows users to upload certificates for both inbound and outbound systems. These certificates are used during runtime to authenticate the servers. A key pair consists of two cryptographic keys, a public key and a private key. This concept is similar to the SSH (Secure Shell) protocol, where a key pair is used for authentication. In the context of SSH, SSH certificates serve as an extension to traditional key pair-based authentication, enhancing security and flexibility.
Regards,
Karthik Arjun
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Karthik,
Thank you for the response.
But Create Keypair option lets us create a keypair certificate in the keystore. In which kind of scenarios will we use the CPI created Keypair certificates?
In general to connect to other systems, the client at the receiver end provides us the certificate with passphrase and we use that for authentication. But here we are creating the certificate, in what kind of scenarios we can used that?
You could created key pair in any of the systems or even using putty. CPI is just providing another similar tool there. However, these key pairs must signed by the allowed external CAs for them to work with CPI. In fact, this feature has been available in SAP PI, PO systems as well. So you are not needed to use the feature but you may choose to.
If you want to connect a SAP backend on premise system to CPI you will need a keypair and new certificate once a year.
Refer to example blog:
Cloud Integration – How to Setup Secure Outbound HTTP Connection using Keystore Monitor | SAP Blogs
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
74 | |
10 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.