SAP HANA Tutorial, Material and Certification Guide

Friday, 31 May 2019

Generate certificate and add to SAP HANA Certificate Store

Introduction

This blog helps to Generate Certificates and add it to HANA Certificate Store and Configure Certificate Collection while configuration of Principal Propagation to SAP HANA XS on SCP.

Am highlighting a section where we are unable to find the certificates after configuring the Trust in SAML Identity Provider.

To verify the list of certificates installed use the following SQL Command.

SELECT * FROM SYS.CERTIFICATES

If the result is empty. Follow the below steps to generate the Certificates.

Login to HANA Admin Cockpit with SYSTEM user .
Make sure the SYSTEM user contains all Admin System privileges ( like TENANT ADMIN, CERTIFICATE ADMIN etc ).
After login navigate to SAP HANA Certificate Management section. It should look similar to below. if the “Configure Certificate Collections” count is 0 then it means there is no certificate in it.

SAP HANA Certifications, SAP HANA Guides, SAP HANA Learning, SAP HANA Study Materials

Generate Certificates

The generated certificate which will be later imported it to Certificate Store. To do so follow the below steps.

Step 1 – Edit the metadata.xml in notepad++ and the file should look like the below.

Step 2 – Copy the values highlighted in Yellow .i.e the values between <X509Certificate> </X509Certificate> html tags.

Step 3 – Create a Certificate(.der) file . Open a notepad and paste it, then add “—–BEGIN CERTIFICATE—–” in the beginning of it and “—–END CERTIFICATE—–” to the end of it . The file should look similar to below.