Documente Academic
Documente Profesional
Documente Cultură
the SAProuter
Contents
• Downloading necessary software components from SAP Service Marketplace
• Creating the certificate request
• Additional actions necessary before you can start saprouter
This section describes the necessary steps to download and install the sapcrypto library for use with saprouter. The
saprouter must be started with the options described later in this section.
The license for the sapcrypto library covers saprouter connections between saprouters at SAP and the first
saprouter on customer sites and backend connections within the customer`s network. For all other purposes the
library CANNOT be used!
Do not allow any other access (not even from the same group)!
On UNIX this will mean permissions being set to 600 or even 400!
On NT check that the permissions are granted only to the user the
service is running as!
10. Check if the certificate has been imported correctly
sapgenpse get_my_name -v -n Issuer
The name of the Issuer should be: CN=SAProuter CA, OU=SAProuter, O=SAP, C=DE
11. If this is not the case, delete the files cred_v2, local.pse and start over at Item 4. If the output still does not
match please open a customer message in component XX-SER-NET-OSS stating the actions you have
taken so far and the output of the commands
4.,7.,8. and 10.
Example
For a SNC encrypted connection to the SAPRouter on sapserv2 (194.39.131.34), the saprouttab should
contain the following entries:
# SNC-connection from and to SAP
KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
# SNC-connection from SAP to local R/3-System for Support
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" <R/3-Server>
<R/3-Instance>
# SNC-connection from SAP to local R/3-System for
NetMeeting, if it is needed
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" <R/3-Server>
1503
# SNC-connection from SAP to local R/3-System for
saptelnet, if it is needed
KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" <R/3-Server>
23
# Access from the local Network to SAPNet - R/3 Frontend
(OSS)
P <IP-addess of a local PC> 194.39.131.34 3299
# deny all other connections
D * * *