Steps to import SSL/TLS certificates in SAP

Important Note:

This is a step-by-step "How-to" guide for importing SSL/TLS certificate in SAP. Please be aware that the values of different parameters and screenshots presented in this guide may vary depending on your specific use case. Before proceeding, please make sure to go through the checklist.

In SAP, there are 2 main PSE where SSL/TLS certificates can be imported to trust an external API connection.

  1. SSL Client SSL Client (Standard)

  2. SSL Client SSL Client (Anonymous)

Note: Based on your program and configuration, one of the above PSE will be used. To be on the safer side, we recommend you to follow the below steps for both the above PSE one by one.

Step 1: RUN the T-code STRUST and select the SSL client SSL Client (Standard).

Step 2: Go to Change mode by clicking the Change icon, then scroll down to the bottom of the page and look for the Import Certificate option on the right-hand side, as shown below.

Step 3: Select the file path and then choose F4 to select the certificate from the local system.

Step 4: Once the file has been selected, go to the bottom of the page and click the Add to certificate button.

Step 5: Right-click the SSL client SSL Client (Standard) and choose Distribute from the menu.

Step 6: On the top, click the Save button, and you'll be able to see the certificates in the Certificate List.

Note: If you have multiple app servers, click on "PSE" from the menu, and then click on “Distribute” in the context menu. This will distribute the SSL/TLS certificate across all nodes.


Last updated