How-To: Update SAProuter SNC Certificate

by on Jan.26, 2009, under Hacker

Certificate is good for 1 year. 

1. switch to the same account that the SAProuter server runs as
examples: su, sudo -s, etc.
2. stop the router service
3. backup the router folder
example: cp -rp saprouter saprouter.bak
4. change to the router home directory
5. rename certreq, srcert, local.pse, and cred_v2 to file.yyyymmdd
6. generate the certificate request (new certreq) using the following command:
sapgenpse get_pse –v –r certreq –p local.pse “CN=saprouter1, OU=0000350309, OU=SAProuter, O=SAP, C=DE”
do not enter a PIN (just press enter)
7. copy the contents of certreq to the clipboard
8. browse to
9. paste the contents of the clipboard into the form
10. step through form to generate new certificate information
11. copy and paste new certificate data into a file called srcert
11. import the certificate using the following command
./sapgenpse import_own_cert –c srcert –p local.pse
do not enter a PIN (press enter)
12. setup the login using the following command
sapgenpse seclogin –p local.pse
this will create a final file called cred_V2
13. check if the certificate has been loaded correctly by using the following command:
sapgenpse get_my_name –v –n Issuer
14. start the router service
15. delete backup router directory made in step 3 if it is no longer needed

CN and OU information will be different and based on the configuration for your company.

No comments for this entry yet...

Leave a Reply

You must be logged in to post a comment.

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

But Wait, There's More!

A few highly recommended friends...