top of page
Certificate Management

SAP CERTIFICATE MANAGEMENT

Automated validation, distribution and renewal of certificates in SAP systems.
(PSE files and STRUST)

VALIDATION & DISTRIBUTION OF CERTIFICATES IN SAP

SSL/TLS certificates are used to encrypt communication between various applications or between applications and clients. This encryption is an important part of system security in your company.

The CA/Browser Forum (Certification Authority/Browser Forum) specifies in the "Baseline Requirements" that certificates may not be valid for more than one year. It is therefore necessary to recognize in good time when certificates will expire and where they are in use in order to be able to proactively initiate the re-issuance and to renew the certificates in a targeted manner.

Is the security certificate of an applicationOnce expired, there may be restrictions or even interruptions in your business processes. Renewing SSL Certificates is a process whosen Completion takes some time and effort and can therefore lead to longer restrictions if recognized too late.

 

automatics does most of this work for you!

Screenshot_Validity.png

CERTIFICATE EXPIRY VALIDATION

Proactively and periodically check whether certificates are expiring or whether they have already expired. Certificates from all certificate stores (PSE & STRUST) of a SAP system are identified and checked against an expiry threshold. Notifications are triggered as soon as certificates are in a critical state.

 

Display of all relevant information for anewIssue and distribution of certificates:

  • CERTIFICATE STORE

  • SUBJECT

  • SUBJECTALTERNATIVE NAMES

  • EXPIRY DATE

  • EXHIBITOR

  • SERIAL NUMBER

  • PATH

DISTRIBUTION OF 
CLIENT CERTIFICATES

With automatics, newly issued trustworthy certificates can be distributed easily and across systems in your system landscape.

Upload as many certificates as you like, select your target system and decide for yourself whether the certificates should be redistributed to all systems or exchanged in a targeted manner.

automatics takes care of importing the certificates into the respective certificate store and updating the STRUST.

Certificate_distribution.png
Zertifikatsmanagement_PKCS12.png

DISTRIBUTION OF SERVER CERTIFICATES

Creation of Certificate Signing Requests (CSRs) based on existing PSE files and optional provision to the Certificate Authority (CA) service to receive a signed certificate for your server certificates. Subsequent certificate renewal of the server PSE file with the CSR-generated certificates (X.509 certificates in PEM format), including the adoption of the affected trusted certificates.
Alternatively, the certificate renewal of the server PSE file can be done with PKCS #12 certificates, including the transfer of the affected trusted certificates.
A backup of the old PSE files and a possible rollback ensures that your PSE files are in a secure state at all times. The changes are automatically transferred to STRUST (ABAP) and activated.

bottom of page