2
SAP Note Header Data Symptom The SAProuter Root CA (CN=SAProuter CA, OU=SAProuter, O=SAP, C=DE) will expire 07/18/2015 and needs to be replaced. Effective 04/15/2015 11:00 AM CET The new SAP SAProuter CA will go-live at SAP. This new SAProuter CA requires software changes as well as a process change at both SAP and at our customers by latest 07/18/2015 11:00 AM CET. Effective 04/15/2015 11:00 AM CET all newly generated SAProuter certificate requests will be signed by the new SAProuter CA only. In order to create a new SAProuter certificate, all customers using SNC connections with SAP must have in place the new SAProuter CA requirements. Effective 04/15/2015 11:00 AM CET through 07/18/2015 11:00 AM CET: SAP will provide a transition period from 04/15/2015 11:00 AM CET through 07/18/2015 11:00 AM CET. During this transition period, SAP will support customers SAProuter certificates signed by both the old and the new SAProuter CA. Effective 07/18/2015 11:00 AM CET: Certificates obtained before 04/15/2015 11:00 AM CET will no longer be supported. Only certificates issued by the new SAProuter CA will be accepted from this point on. Details how to manage setup for the old and new SAProuter CA can be found here: Installing the sapcrypto library and starting the SAProuter Other Terms SAProuter SNC remote connection STFK Reason and Prerequisites The SAProuter Root CA (CN=SAProuter CA, OU=SAProuter, O=SAP, C=DE) is valid until 07/18/2015 11:00:00 AM CET. After that point in time, certificates signed by that Root CA will not be valid any longer, such that SNC connections will not work. The SAProuter Root CA will be replaced by a new Root CA (CN=SAProuter CA, OU=SAProuter, O=SAP Trust Community II, C=DE). SAP will sign certification requests with the new SAProuter Root CA from 04/15/2015 11:00 AM CET. If you apply for an SAProuter certificate after 04/15/2015 11:00 AM CET, you must use the latest Common Crypto Library (using the latest SAProuter executable is strongly recommended). The sapservX servers will use the old SAProuter CA until 07/18/2015 11:00 AM CET to ensure that SAProuters using an old SAProuter certificate can still connect. Timeline 4/15/2015 11:00 AM CET: switch to new SAProuter Root CA for certification requests, SAProuter certificates obtained before 04/15/2015 can still be used 7/18/2015 11:00 AM CET: switch sapservX to use PSEs signed by new SAProuter CA, SAProuter certificates obtained before 04/15/2015 can no longer be used to establish SNC connections with SAP Solution The following steps need to be taken only if you are using SNC connections between your network and SAP: Until 04/15/2015 11:00 AM CET As stated, certificates signed by SAP before 04/15/2015 11:00 AM CET can be used until 07/18/2015 11:00 AM CET. After 04/15/2015 11:00 AM CET All certificates signed by SAP as of this date/time stamp will be created using the new SAProuter CA. This requires changes on the customer site 2131531 - New Root Certification Authority for saprouter certificates Version 2 Validity: 10.03.2015 - active Language English (Master) Released On 10.03.2015 07:33:42 Release Status Released for Customer Component XX-SER-NET-HTL Problems with remote access from SAP to Customer system Priority Hot News Category Installation information

Alteração certificado SAP

Embed Size (px)

DESCRIPTION

Alteração certificado SAP

Citation preview

Page 1: Alteração certificado SAP

SAP Note

Header Data

Symptom

The SAProuter Root CA (CN=SAProuter CA, OU=SAProuter, O=SAP, C=DE) will expire 07/18/2015 and needs to be replaced.

Effective 04/15/2015 11:00 AM CET

The new SAP SAProuter CA will go-live at SAP. This new SAProuter CA requires software changes as well as a process change at both SAP and at our customers by latest 07/18/2015 11:00 AM CET.

Effective 04/15/2015 11:00 AM CET all newly generated SAProuter certificate requests will be signed by the new SAProuter CA only.  In order to create a new SAProuter certificate, all customers using SNC connections with SAP must have in place the new SAProuter CA requirements.

Effective 04/15/2015 11:00 AM CET through 07/18/2015 11:00 AM CET:

SAP will provide a transition period from 04/15/2015 11:00 AM CET through 07/18/2015 11:00 AM CET. During this transition period, SAP will support customers SAProuter certificates signed by both the old and the new SAProuter CA.

Effective 07/18/2015 11:00 AM CET:

Certificates obtained before 04/15/2015 11:00 AM CET will no longer be supported. Only certificates issued by the new SAProuter CA will be accepted from this point on.

Details how to manage setup for the old and new SAProuter CA can be found here:

Installing the sapcrypto library and starting the SAProuter 

Other Terms

SAProuter SNC remote connection STFK

Reason and Prerequisites

The SAProuter Root CA (CN=SAProuter CA, OU=SAProuter, O=SAP, C=DE) is valid until 07/18/2015 11:00:00 AM CET. After that point in time, certificates signed by that Root CA will not be valid any longer, such that SNC connections will not work. The SAProuter Root CA will be replaced by a new Root CA (CN=SAProuter CA, OU=SAProuter, O=SAP Trust Community II, C=DE).

SAP will sign certification requests with the new SAProuter Root CA from 04/15/2015 11:00 AM CET. If you apply for an SAProuter certificate after 04/15/2015 11:00 AM CET, you must use the latest Common Crypto Library (using the latest SAProuter executable is strongly recommended). The sapservX servers will use the old SAProuter CA until 07/18/2015 11:00 AM CET to ensure that SAProuters using an old SAProuter certificate can still connect.

Timeline

4/15/2015 11:00 AM CET: switch to new SAProuter Root CA for certification requests, SAProuter certificates obtained before 04/15/2015 can still be used 7/18/2015 11:00 AM CET: switch sapservX to use PSEs signed by new SAProuter CA, SAProuter certificates obtained before 04/15/2015 can no longer be used to establish SNC connections with SAP

Solution

The following steps need to be taken only if you are using SNC connections between your network and SAP:

Until 04/15/2015 11:00 AM CET

As stated, certificates signed by SAP before 04/15/2015 11:00 AM CET can be used until 07/18/2015 11:00 AM CET.

After 04/15/2015 11:00 AM CET

All certificates signed by SAP as of this date/time stamp will be created using the new SAProuter CA. This requires changes on the customer site 

    2131531 - New Root Certification Authority for saprouter certificates  

Version   2     Validity: 10.03.2015 - active   Language   English (Master)

Released On 10.03.2015 07:33:42

Release Status Released for Customer

Component XX-SER-NET-HTL Problems with remote access from SAP to Customer system

Priority Hot News

Category Installation information

Page 2: Alteração certificado SAP

so please plan accordingly.

From 04/15/2015 11:00 AM CET until 07/18/2015 11:00 AM CET

All certificates signed by SAP during this period will be created using the new SAProuter CA. This requires changes on the customer site so please plan accordingly.

If you apply for an SAProuter certificate after 04/15/2015 11:00 AM CET the following steps are mandatory:

l Use latest Common Crypto Library l Use a PSE with a key size of 2048 l Import old SAProuter Root CA (this step is important and necessary to establish the trust with the sapservX SAProuter at SAP until 

07/18/2015)

In addition, using the latest SAProuter version is strongly recommended.

After 07/18/2015 11:00 AM CET

All certificates signed by SAP as of this date/time stamp will be created using the new SAProuter CA. This requires changes on the customer site so please plan accordingly.

If you apply for an SAProuter certificate after 07/18/2015 11:00 AM CET the following steps are mandatory:

l Use latest Common Crypto Library l Use a PSE with a key size of 2048

In addition, using the latest SAProuter version is strongly recommended.

The SAProuter Root CA certificates are available from here. For a detailed description refer to Installing the sapcrypto library and starting the SAProuter.

If you have any further questions please open a customer ticket on component XX-SER-NET-HTL.

Validity

This document is not restricted to a software component or software component version

Attachments

File Name File Size (KB) Mime Type

smprootca.der 990 application/x-x509-ca-cert


GuiaAcceso CertificadosElectronicosseg.guanajuato.gob.mx/.../certificado/CertificadosElectronicos... · certificado de educaciÓn secundaria ... numero de certificado el presente

GuiaAcceso CertificadosElectronicosseg.guanajuato.gob.mx/.../certificado/CertificadosElectronicos... · certificado de educaciÓn secundaria ... numero de certificado el presente

Documents
certificado Instagram

certificado Instagram

Documents
Kaba b-comm ERP 5€¦ · 3 Kaba b-comm ERP 5 – SAP Business ByDesign Por qué debería elegirnos como socio de SAP Intercambio de datos certificado con SAP Comunicación

Kaba b-comm ERP 5€¦ · 3 Kaba b-comm ERP 5 – SAP Business ByDesign Por qué debería elegirnos como socio de SAP Intercambio de datos certificado con SAP Comunicación

Documents
Nobis Pacem | Homeschool Católico Certificado · Nobis Pacem | Homeschool Católico Certificado

Nobis Pacem | Homeschool Católico Certificado · Nobis Pacem | Homeschool Católico Certificado

Documents
Certificado Goodride

Certificado Goodride

Documents
Certificado PGLD

Certificado PGLD

Documents
Infraestructura TI para SAP Business One...Servidor HANA BD SAP HANA SAP Business One Server SAP Business One Analytics Servidor HANA Primario Servidor certificado Single Certificada

Infraestructura TI para SAP Business One...Servidor HANA BD SAP HANA SAP Business One Server SAP Business One Analytics Servidor HANA Primario Servidor certificado Single Certificada

Documents
CERTIFICADO LEED.pdf

CERTIFICADO LEED.pdf

Documents
Certificado - Embrapa

Certificado - Embrapa

Documents
Alteração visual e sintomas correlatos

Alteração visual e sintomas correlatos

Health & Medicine
fabio certificado

fabio certificado

Documents
Se entregará un certificado a nombre de VisualK. - … · Acerca de SAP Business One Menú de SAP Principales funciones Maestro Socio de negocios Definición de perfiles de usuario

Se entregará un certificado a nombre de VisualK. - … · Acerca de SAP Business One Menú de SAP Principales funciones Maestro Socio de negocios Definición de perfiles de usuario

Documents
Certificado 1

Certificado 1

Documents
CO - Controlling · CERTIFICADO: PLAN DE ESTUDIO: • Introducción al SAP - Conceptos Principales • Navegación Inicial. • Estructura organizacional CO. • Centro de Costos

CO - Controlling · CERTIFICADO: PLAN DE ESTUDIO: • Introducción al SAP - Conceptos Principales • Navegación Inicial. • Estructura organizacional CO. • Centro de Costos

Documents
Certificado cloud

Certificado cloud

Education
Certificado FSPCA

Certificado FSPCA

Documents
Certificado ITAC

Certificado ITAC

Documents
Análise da alteração sensorial em alimentos preparados com

Análise da alteração sensorial em alimentos preparados com

Documents
Certificado Digital

Certificado Digital

Documents
CERTIFICADO DE ESCOLARIDAD - comfandi.com.co · Title: CERTIFICADO DE ESCOLARIDAD Author: cristina

CERTIFICADO DE ESCOLARIDAD - comfandi.com.co · Title: CERTIFICADO DE ESCOLARIDAD Author: cristina

Documents
Diplomado Business One 9 - SAP Business One en Colombia€¦ · SAP BUSINESS ONE, certificado por las dos instituciones. *Únicamente los participantes cuya asistencia sea del 80%

Diplomado Business One 9 - SAP Business One en Colombia€¦ · SAP BUSINESS ONE, certificado por las dos instituciones. *Únicamente los participantes cuya asistencia sea del 80%

Documents
Certificado ADM

Certificado ADM

Documents
CERTIFICADO - Obralia

CERTIFICADO - Obralia

Documents
Certificado itil

Certificado itil

Education
Certificado iso20000

Certificado iso20000

Education
Certificado Exida

Certificado Exida

Documents
CERTIFICADO LEED.docx

CERTIFICADO LEED.docx

Documents
Certificado Rotalla

Certificado Rotalla

Documents
Swagata Dutta Influência da alteração da trajectória de

Swagata Dutta Influência da alteração da trajectória de

Documents
CERTIFICADO IPED

CERTIFICADO IPED

Documents