cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SFTP Sender adapter with Private key

viswanahreddy
Participant

on ‎08-14-2015 6:39 PM

0 Kudos

Hello Every one

Client SFTP server   ------>   SAP PI SFTP( sender adapter )  ----->  SAP(AL11 directories)

We are trying to connect third party SFTP server by using  SFTP sender adapter in SAP PI and pass the files to SAP AL11 directories

client dont want to use Username and pwd authentication over SFTP

They want to use SFTP private keys.

I have gone through the below document to do SSH authentication, but finding it difficult to understand few things, i am writing this to get a clear understanding of the below document.

Generating SSH Keys for SFTP Adapters - Type 1 - Process Integration - SCN Wiki

After generating the below files, please explain the below.

private_key.pem

private_key.ppk

public_key

Do we need to store the files any where else?

  1. why are we generating these files


   2.    Use Open SSL to Create X.509 and P12 Certificates?what does this mean exactly, are we creating X509 certificate from the private           key(private_key.pem), are we converting .pem to X509? if so,why we need to do that?


   3.    Create the PKCS type 12 Keystore? provide the password (which will be used in channel configuration)? in channel where we           maintain the pwd


   4.    The created key would be in encrypted (binary) form?...

          openssl pkcs12 -export -in x509_certificate.pem -inkey private_key.pem -out sftp_keystore.p12 what does this mean           exactly? are we converting or renaming./are we changing the format


   5.   why we need to import sftp_keystore.p12, why dont we import private_key.pem in NWA?


   6.   Copy the public key in to SSH Server via SFTP

         why we need to copy public_key to SSH server and where does this SSH resides?


   7.    Login to SSH server verify the copied public key

         since the public key does not have any permissions, change it to 400 (for read)

         use ssh-keygen tool to create openSSH format public key?  What does this mean...?

         add the created openSSH public key to authorized_keys filles? what does this mean...?


   8.   Check the permissions of .ssh folder and authorized_keys file for access permissions


   9.   From the above example in SFTP sender channel what do i need to choose for private key view and private key entry?




Please explain the above if anyone worked on it.....


Thanks in advance











Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

suman_saha
Contributor
‎08-17-2015 1:30 PM
0 Kudos

Please go through the below link:

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/305eeb5b-81e7-2f10-d8aa-9216de04c...

You need to follow the section 4.1 to 4.3 to set up.

Suman

Show replies
Show replies
pvishnuvardan_reddy
Active Contributor
‎08-17-2015 12:35 PM
0 Kudos

Hi Viswanath,

SFTP key based authentication works like this, if we want to connect to a server using ssh protocol, then we need to give public key to them such that they will deploy it on their server and in PI system, the private key needs to be deployed. From PI using private key the connection will get established.

Refer the below link for more information on the same:

SAP PI SFTP Adapter in 3 simple steps - SAPhelp.me

Show replies
Show replies
ravicarpenter
Active Participant
‎08-17-2015 11:15 AM
0 Kudos

Hello,

Please go through the SAP NetWeaver How To guide on How to Configure SFTP Adapter in PI. You can search scn on the said title. This would answer many of your questions.

Show replies
Show replies
former_member184619
Active Contributor
‎08-15-2015 12:00 AM
0 Kudos

You have to create the keys. Send the public key to SFTP server and keep the private key with you (in NWA). All the steps to upload public key are suppose to be done at SFTP server.

I had a similar scenario with bank and this is explained here with step by step details.

Regards,

Sachin Dhingra

Show replies
Show replies
Ask a Question