For credit card payments, the default Mobiliser
configuration uses asymmetric encryption to secure credit card and bank account information in
the front end, and a dummy payment handler implementation in the back end to decrypt credit
card payments.
Execute all operations as the sybase user and be sure to note all passwords
for later reference.
- Log in to SAP Mobile Platform Server.
- Create a new directory:
mkdir -p
SMP_HOME\Server\configuration\com.sap.mobile.platform.server.mobiliser.core\keys
- Change to the new directory:
cd
SMP_HOME\Server\configuration\com.sap.mobile.platform.server.mobiliser.core\keys
- Generate a new keystore and key and modify the dname parameters
as required:
keytool -genkey -validity 7305 -keystore mobiliser.jks -alias
mobiliser_card -keysize 2048 -storepass changeit -keypass changeit -keyalg RSA
-dname "CN=Mobiliser Platform, OU=System, O=Sybase, L=Raunheim, S=Hessen, C=DE"
Note: Use the same passwords for both the keystore and the key
itself.
- Export the mobiliser_card public key using the keystore password entered in step
4:
keytool -export -alias mobiliser_card -file mobiliser_card.crt
-keystore mobiliser.jks
- Import the mobiliser_card certificate in the new keystore and change the keystore
password:
keytool -import -alias mobiliser_card -file mobiliser_card.crt
-keystore mobiliser_pub.jks -storepass changeit Note: Use a different
password than step 4.
- Generate a new key in the same keystore generated in step 4:
keytool -genkey -validity 7305 -keystore mobiliser.jks -alias
mobiliser_bank -keysize 2048 -storepass changeit -keypass changeit -keyalg RSA
-dname "CN=Mobiliser Platform, OU=System, O=Sybase, L=Raunheim, S=Hessen, C=DE"
Note: Use the same keystore
password, but select a different key password.
- Export the mobiliser_bank public key using the keystore password entered in step
4.
keytool -export -alias mobiliser_bank -file mobiliser_bank.crt
-keystore mobiliser.jks
- Import the mobiliser_bank certificate into the keystore using the same keystore
password entered in step 6:
keytool -import -alias mobiliser_bank -file mobiliser_bank.crt
-keystore mobiliser_pub.jks –storepass changeit
- Generate a new key into the same keystore entered in step 4:
keytool -genkey -validity 7305 -keystore mobiliser.jks -alias
mobiliser_odc_se_ks -keysize 2048 -storepass changeit -keypass changeit -keyalg
RSA -dname "CN=Mobiliser Platform, OU=System, O=Sybase, L=Raunheim, S=Hessen,
C=DE" Note: Use the same keystore
password, but select a different key password.
- Export the mobiliser_odc_se_ks public key using the password entered in step
4:
keytool -export -alias mobiliser_odc_se_ks -file
mobiliser_odc.crt -keystore mobiliser.jks
- Import the mobiliser_odc_se_ks certificate into the keystore using the same
keystore password entered in step 6:
keytool -import -alias mobiliser_odc_se_ks -file
mobiliser_odc.crt -keystore mobiliser_pub.jks –storepass changeit
- Generate another key into the same keystore created in step 4:
keytool -genkey -validity 7305 -keystore mobiliser.jks -alias
mobiliser_odc_signing -keysize 1024 -storepass changeit -keypass changeit -keyalg
RSA -dname "CN=Mobiliser Platform, OU=System, O=Sybase, L=Raunheim, S=Hessen,
C=DE" Note: Use the same keystore
password, but select a different key password.
- Export the mobiliser_odc_signing public key using the password entered in step
4:
keytool -export -alias mobiliser_odc_signing -file
mobiliser_odc.crt -keystore mobiliser.jks
- Import the mobiliser_odc_signing certificate into the keystore using the same
keystore password entered in step 6:
keytool -import -alias mobiliser_odc_signing -file
mobiliser_odc.crt -keystore mobiliser_pub.jks –storepass changeit
- Change the access privileges for the keystore that contains the keys:
chmod 0600 mobiliser.jks
Next
The public keys are loaded from the Web portals via a Web service call. Therefore,
you must use the Operations Dashboard to configure passwords.