Creating an SNC PSE for the IRC server
Use
When using the SAP Cryptographic Library as the security product for SNC, the IRC application server must possess a Personal Security Environment (PSE). This PSE contains the IRC server’s public-key information, which includes its private key, its public-key certificate, and the list of public-key certificates that it trusts.
To create the SNC PSE for the IRC use the command line tool sapgenpse.exe as shown below.
As an alternative, you can use a single PSE for both the SAP application server and the IRC application server. In this case, copy the application server’s SNC PSE to the IRC’s SECUDIR directory.
Prerequisites
- The SAP Cryptographic Library is installed on the IRC application server.
- The environment variable SECUDIR is set to the location where the PSE is to be stored.
To check the location of the SECUDIR directory, execute sapgenpse without including any command options. The program will display various information such as the library version and the location of SECUDIR.
Procedure
Use this command line to create the PSE. sapgenpse get_pse –p <PSE_Name> -x <PIN> <Distinguished_Name>
The Distinguished Name consists of these elements:
- CN = <Common_Name>
- OU = <Organizational_Unit>
- O = <Organization>
- C = <Country>
Example Distinguished Name - CN=IACMSRVR, O=MyCompany, C=US
Result
sapgenpse creates a PSE in the IRC server’s SECUDIR directory
Example
sapgenpse get_pse –p IACMSRVR.pse -x iacmpin CN=IACMSRVR, O=MyCompany, C=US