SSL/TLS certificates are used to encrypt communication between various applications or between applications and clients. This encryption is an important part of system security in your company.
​
The CA/Browser Forum (Certification Authority/Browser Forum) specifies in the "Baseline Requirements" that certificates may not be valid for more than one year. It is therefore necessary to recognize in good time when certificates will expire and where they are in use in order to be able to proactively initiate the re-issuance and to renew the certificates in a targeted manner.
​
Is the security certificate of an applicationOnce expired, there may be restrictions or even interruptions in your business processes. Renewing SSL Certificates is a process whosen Completion takes some time and effort and can therefore lead to longer restrictions if recognized too late.
automatics does most of this work for you!
CERTIFICATE EXPIRY VALIDATION
Proactively and periodically check whether certificates are expiring or whether they have already expired. Certificates from all certificate stores (PSE & STRUST) of a SAP system are identified and checked against an expiry threshold. Notifications are triggered as soon as certificates are in a critical state.
Display of all relevant information for anewIssue and distribution of certificates:
-
CERTIFICATE STORE
-
SUBJECT
-
SUBJECTALTERNATIVE NAMES
-
EXPIRY DATE
-
EXHIBITOR
-
SERIAL NUMBER
-
PATH
DISTRIBUTION OF
CLIENT CERTIFICATES
With automatics, newly issued trustworthy certificates can be distributed easily and across systems in your system landscape.
Upload as many certificates as you like, select your target system and decide for yourself whether the certificates should be redistributed to all systems or exchanged in a targeted manner.
​
automatics takes care of importing the certificates into the respective certificate store and updating the STRUST.
DISTRIBUTION OF SERVER CERTIFICATES
Creation of Certificate Signing Requests (CSRs) based on existing PSE files and optional provision to the Certificate Authority (CA) service to receive a signed certificate for your server certificates. Subsequent certificate renewal of the server PSE file with the CSR-generated certificates (X.509 certificates in PEM format), including the adoption of the affected trusted certificates.
Alternatively, the certificate renewal of the server PSE file can be done with PKCS #12 certificates, including the transfer of the affected trusted certificates.
A backup of the old PSE files and a possible rollback ensures that your PSE files are in a secure state at all times. The changes are automatically transferred to STRUST (ABAP) and activated.