Creating a Self-Signed Certificate Using OpenSSL

Use this procedure to create your own self-signed certificate using OpenSSL.

To create your own self-signed certificate you need to install OpenSSL. OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). You can download OpenSSL at:

http://www.openssl.org/

  1. From a machine where OpenSSL is installed, open a command prompt and enter the following command: openssl req -x509 -days 365 -newkey rsa:<password> -keyout server-key.pem -out server-cert.pem where <password> is your password for the new certificate.

    The self-signed certificate, server-cert.pem, is created.

  2. Convert the certificate to a PFX file. In the command prompt enter Openssl pkcs12 -export -in server -cert.pem -inkey server-key.pem -out <NewAgentryServer>.pfx where <NewAgentryServer> can be any unique name for the new PFX file.

    An example of a unique PFX file name is NewAgentryServer.pfx.

  3. Copy the PFX file into the directory where the Agentry Server instance for the mobile application is located, i.e. C:\SAP\MobilePlatform\Servers\UnwiredServer\<AppName>.
  4. From the SAP Control Center expand the Applications node and select the Agentry application. Then perform the following steps:
    1. Click the Configurations tab in the Administration pane and select the check box for ANGEL Front End.
    2. Change authenticationCertificateStore to the name of the new PFX file. Double-click the Value to enter a new name.
    3. Change the authenticationCertificateStorePassword to the password you set in the file.
    4. Click [Apply] to commit the changes to the Agentry Server.
    5. Click [OK] to close the window.
  5. Create a copy of the file server-cert.pem and rename it AgentryTrustedCertificates.sst.
  6. Copy the new AgentryTrustedCertificates.sst to the Agentry Client installation folder in order to replace the original AgentryTrustedCertificates.sst file installed with the Agentry Client.
  7. Restart the Agentry Server and the Agentry Client.
  8. Log in to the Agentry Server using the Agentry Client.
Parent topic: Authentication Certificates