Beruflich Dokumente
Kultur Dokumente
Logging in to the BI Portal with an administrative account you need to go to the following path
1. http://domain.com:52000/irj/portal
we
can
see
the
expiration
date.
6. Now we generate new certificate via Virtual Admin 7. Go Server, then Services and then find and click once on Key Storage in the Services list. You will be presented with the below screen.
9. An entry name SLTKNEW for now 10. The Common Name (CN) 11. The Organization Unit Name (OU) 12. We have given the certificate a validity period of 10 years in place of 1 year that was previously assigned. 13. We need to check Store Certificate 14. Leave the Key Length as the default of 1024 15. User the drop down on Algorithm and choose DSA
16. Once done choose Generate and looks like below
17. 18.
Once we have verified that the old and the new are aligned with
regards to their common attributes and the new one is active for usage we need to export the old one to keep it safe for now. This is done by clicking on the
Now that we have a protected backup of the original we can instate the new one we have just created. To do this we can either delete the old one or in this case (recommended) rename the old one for now.
19.
20. We have chosen to rename it using a timestamp identifier of 20110103 to indicate the date this was renamed. We need to do the same with its pair (Private Key).
Once this is done we take the names of the original duo and reuse them on the new ones we have just generated. Please note that these need to be given exactly the same name as the original names and are case sensitive.
21.
We may now export the certificate to Abap system. Start by pressing the download verify .def file button above and save To import, go STRUSTSSO2 Click import certificate
27.
28.
29.
Once we have verified that the new certificate is in place. Simply delete
the old one from the list using the Delete button once you have verified you are highlighting the correct - outdated certificate in the list
30.
Now that we have renewed the certificate we need to ensure that the
old entries are removed from the ACL and that the new one is re-added as it is has a different Serial Number as previously discussed.
31. To do this, delete one at a time and then replace it. We have started by deleting the ACL entry for B0M against client 000 first and then re-adding it as in the below screenshot
32.
We have then deleted and re-added the entry for the non-existent
33.
The resultant output is that we now have the ACL also updated with the
latest certificate information for the SSO to function correctly. If this is not done and the old entries are attempted to be re-used then the resultant outcome is an issue when loading web templates as follows
34.The below screenshot is what we are meant to see in a BI Dual Stack installation once we have completed all the necessary tasks.
35.
Completed