1、事情起于收到一封邮件:
Hello,
we would like to inform you about the expiry of your SAProuter
Certificate's validity.
The certificate contains the following data:
CN=B3erpslm, OU=0001139053, OU=SAProuter, O=SAP, C=DE
Your certificate will expire on 12. June 2011.
IF YOU USE THIS SAPROUTER WITH SECURE NETWORK COMMUNICATION (NOT VPN)
THIS WILL MEAN THAT YOU CAN NO LONGER USE THIS SAPROUTER TO ESTABLISH A
CONNECTION TO THE SAP SUPPORT.
To prevent this we would like to urgently ask you to replace your
existing Certificate with a new one from the SAP Service Marketplace.
To renew your SAProuter Certificate, please do the following:
- On your SAProuter, save your existing PSE file and old certificate
file (if still existant) under different names
- Go to the http://service.sap.com/saprouter-sncadd
- Click on "Apply Now!"
- Follow the steps detailed in the documentation
- More details can be found on the following page:
http://service.sap.com/saprouter-sncdoc
If you encounter any problems, please send a message to SAP using the
component XX-SER-NET.
Kind regards,
SAP Trust Center Services
SAP AG
http://service.sap.com/tcs
2、得知证书一年即将过期。
3、登录http://service.sap.com/saprouter-sncadd,点击"Apply Now!"
4、复制“CN=B3erpslm, OU=0001139053, OU=SAProuter, O=SAP, C=DE”
5、进入SAPRouter服务器:D:\saprouter\nt-x86_64 目录,利用cmd进入
6、输入命令:sapgenpse get_pse -r "CN=B3erpslm, OU=0001139053, OU=SAProuter, O=SAP, C=DE" -p D:\ABC.pse
7、输入2次PIN码,然后输入“Distinguished name of PSE owner”,也可输入以前的,如“CN=B3erpslm, OU=0001139053, OU=SAProuter, O=SAP, C=DE”
8、成功之后会在D:\saprouter\nt-x86_64 目录下生成文件“CN=B3erpslm, OU=0001139053, OU=SAProuter, O=SAP, C=DE”,记事本打开,可以看到begin和end之间的文件,全部拷贝到刚才的网站,然后点击继续。
9、sap会返回一个更多的begin和end之间的文件,然后全部复制,在D:\saprouter\nt-x86_64 目录下新建srcert文件,把内容全部拷贝进去。
10、输入命令:sapgenpse import_own_cert -c srcert -p D:\ABC.pse,输入刚才输入过的pin码,成功!
11、在C:\Users\Administrator\sec目录下建立文件cred_v2,如果没有sec目录也要新建一个。输入命令:sapgenpse seclogin -p D:\ABC.pse -O Administrator,意味着为Administrator用户执行SapRouter设立了权限。
12、利用命令:sapgenpse get_my_name -v -n Issuer ,可以看到成功!完毕!
13、起于启动的参考资料等可在“为SAPRouter注册新证书”引用1,2的blog中查询,也可查看网址:https://websmp110.sap-ag.de/saprouter-sncdoc,http://help.sap.com/saphelp_nw04/helpdata/en/56/a92f3ae689f058e10000000a11402f/content.htm,http://help.sap.com/saphelp_nw04s/helpdata/en/44/4b56bf77e11193e10000000a155369/content.htm
没有评论:
发表评论