Hey out there!  Our internal SSL certs expire every 2 years, so I recently  had to go through the steps to quickly renew them in our web dispatcher(s).

I'd like to share that information here to serve as quick reference for others!

Our OS:

AIX 6.1

Our Web Disp Version:

Commands:

As WXXADM, in the $SECUDIR directory:

./sapgenpse gen_pse -p SAPSSLS.pse -onlyreq -r WXX.req

./sapgenpse gen_pse -p SAPSSLC.pse -onlyreq -r WXXsslc.req

This exports the request

FTP the files to your PC. Now goto CRL, sign new P7B for each(save the files as WXXcertnew2015.p7b and WXXsslc-certnew2015.p7b) .  FTP back to to $SECUDIR

./sapgenpse import_own_cert -p SAPSSLS.pse -c WXXcertnew2015.p7b

./sapgenpse import_own_cert -p SAPSSLC.pse -c WXXsslc-certnew2015.p7b

This imports the signed certs

./sapgenpse seclogin -p SAPSSLS.pse -O wxxadm

./sapgenpse seclogin -p SAPSSLC.pse -O wxxadm

This generates new cred_v2 files for the user (if prompted for a PIN,enter it)

STOP and START the WEB DISPATHER

You must restart the web dispatcher before it’ll read the new certs

Now hit your back-end ECC/CRM/BW (whatever) system using the HTTPs port on your webdispatcher.

check cert to see if signed for another 2 years!

Hope that helps!

NICK