In this extensive guide, you will learn how to generate a CSR code and install an SSL Certificate on SAP web application server. You will also learn a few interesting facts about SAP, and discover the best place to shop for affordable SSL certificates.

If you’ve already created the CSR Code and received the SSL Certificate from your CA, skip the CSR generation instructions and jump straight to installation guidelines. Use the links below to navigate between sections.

Generate a CSR Code on SAP
Install an SSL Certificate on SAP
Test your SSL installation
SAP Web Application Server history and versions
Where to buy the best SSL certificate for SAP?

Generate a CSR Code on SAP

When applying for an SSL Certificate your first step is to generate a CSR (Certificate Signing Request) code and send it to the CA for validation. Along with the CSR code, you will also create the private key which will remain stored on the SAP server.

You have two options:

  1. Generate the CSR automatically using our CSR Generator.
  2. Follow our step-by-step tutorial on how to create the CSR on SAP

Install an SSL Certificate on SAP

After the CA delivers the necessary SSL files to your inbox, your first step is to download the ZIP Folder and extract its contents on your desktop.

The trust manager requires that the files (the signed public-key certificate and the CA’s root certificate) must adhere to the PKCS#7 certificate chain format. Alternatively, the CA may also issue a public-key certificate in PEM format.

Step 1: Prepare the SSL files

For your SSL Certificate to work on SAP, the following files are required:

  • The SSL Certificate itself with x509/.cer/.crt/.pem extension
  • The intermediate certificate, also known as the CA Bundle or Chain Certificate
    Note: Some SSL providers will give you two intermediate certs for better browser compatibility. You must copy them in separate .txt files and install them one at a time during the intermediate certificate configuration.
  • The root certificate from your CA (if you don’t have it, consult your CA)

Open these three files with a plain text editor, and copy the contents of each certificate into a separate file with .txt extension. You should have at least three .txt files with your primary, intermediate, and root certificates.

Step 2: Upload your primary SSL Certificate

Once your SSL files are ready, perform the following:

  1. Log into your admin console
  2. From Trust Manager, expand the SSL server PSE node
  3. Select your application server by double-clicking on it
  4. In the PSE maintenance section, select Import Cert. Response
  5. Click Load local and upload your primary SSL Certificate with the .crt extension. Alternatively, you can paste the contents of your SSL Certificate .txt file into the corresponding box.
  6. Your SSL Certificate should now display in the PSE maintenance section
  7. Save the data.

Step 3: Add the intermediate and root certificates

Next, depending on your system setup, you will add the intermediate and root certificates in one of these locations:

Certificate Database:

  1. In the certificate section, select Import certificate
  2. In the Import Certificate dialog, select the Database tab
  3. From the certificate database, choose your certificate and select Enter. The certificate will display in the certificate section
  4. Click Add to Certificate List
  5. Save the data.

File System:

  1. In the certificate section, select Import certificate
  2. In the Import Certificate dialog specify the corresponding file name from the file system.
  3. Choose Base 64 for the certificate’s file format, then select Enter. The cert resides in the certificate maintenance section
  4. Click Add to Certificate List
  5. Save the data.

A Different PSE:

  1. Expand the node for the PSE that hosts the Certificate, then double click to select one of the application servers
  2. From the certificate list, in the PSE maintenance section, double click on your certificate
  3. Under the SSL server PSE node, double click on your application server
  4. Click Add to Certificate List
  5. Save the data

Congrats, your SSL certificate should be up and running on your SAP system.

Test your SSL installation

After you install an SSL certificate on SAP, some SSL errors or vulnerabilities may still exist. To avoid potential trouble, it’s recommended to run a diagnostic test on your SSL installation. Plenty of SSL tools can instantly generate reports on your SSL Certificate.

Where to buy the best SSL Certificate for SAP Web Application Server?

When buying an SSL Certificate, you should consider three crucial aspects: validation type, price, and customer service. At SSL Dragon, we offer the entire range of SSL certificates at affordable prices, backed by five-star customer service! Our SSL certificates are signed by renowned Certificate Authorities, and thus are compatible with SAP Web Application Server. Whether you need a cheap Domain Validation certificate or a premium Extended Validation product we’ve got you covered.

Get an SSL certificate now

SSL Dragon’s prices are the most competitive on the market, while our dedicated support team is highly appreciated by the existing customers. If you don’t know what type of SSL certificate to choose, simply use our SSL Wizard and Certificate Filter tools. They will help you find the ideal SSL product for your website.

If you find any inaccuracies, or you have details to add to these SSL installation instructions, please feel free to send us your feedback at [email protected]. Your input would be greatly appreciated! Thank you.