----------------------------------------------------------------------------------
The first thing you need to do, is to send a customer message to SAP
Support (component XX-SER-NET-OSS-NEW) and tell them to register the
hostname and IP of your new SAProuter.
You have to register it with a official IP address (no internal IPs
allowed), but it's allowed to use NAT in the firewall/router.
After you've received a confirmation from SAP that your SAProuter has
been registered, you are ready to configure your SAProuter.
If your SAProuter directory is C:\usr\sap\saprouter, these are the steps
to follow.
Note: You will be asked for a PIN code. Just pick your own 4 numbers, but
you'll have to use the same PIN every time you're asked to enter one.
1. Set 2 environment variables: SECUDIR and SNC_LIB according to the
guide you've downloaded.
2. Download the SAP Crypto Library and unpack it into
C:\usr\sap\saprouter
3. To generate a certificate request, run the command:
sapgenpse get_pse -v -r C:\usr\sap\saprouter\certreq -p
C:\usr\sap\saprouter\local.pse "
4. Then you have to follow the guide and request the certificate from
http://service.sap.com/tcs -> Download Area -> SAProuter Certificate
5. Create a file C:\usr\sap\saprouter\srcert and copy the requested
certificate into this file. The run the command:
sapgenpse import_own_cert -c C:\usr\sap\saprouter\srcert -p
C:\usr\sap\saprouter\local.pse
6. To generate credentials for the user that's running the SAProuter
service, run command:
sapgenpse seclogin -p C:\usr\sap\saprouter\local.pse -O
(this will create the file "cred_v2")
7. Check the configuration by running command:
sapgenpse get_my_name -v -n Issuer
(This should always give the answer "CN=SAProuter CA, OU=SAProuter,
O=SAP, C=DE")
8. Create SAProuter service on Windows with the command:
ntscmgr install SAProuter -b C:\usr\sap\saprouter\saprouter.exe -p
"service -r -R C:\usr\sap\saprouter\saprouttab -W 60000 -K
^p:
9. Edit the Windows Registry key as follows:
MyComputer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAProute
r\ImagePath --> Change both ^ to "
10. Start the SAProuter service
11. Enter the required parameters in OSS1 -> Technical Settings
---------------------------------------------------------------------------------
Installation on UNIX
----------------------------------------------
1. Create the subdirectory saprouter in the directory /usr/sap/.
2. Get the latest version of the SAProuter from the SAP Service Marketplace (service.sap.com/patches). Choose Support Packages and Patches ® Entry by Application Group ® Additional Components ® SAPROUTER. The SAProuter is in packet saprouter*.SAR; the program niping is also in this packet. Copy programs saprouter and niping to the newly created directory /usr/sap/saprouter.
If you cannot copy the programs from SAP Service Marketplace, you can copy a version (may be obsolete) from your directory /usr/sap/
3. (Optional) If you want to start the SAProuter on the same computer used for an SAP instance, insert the following line into file /usr/sap/
#
# Start saprouter
#
SRDIR=/usr/sap/saprouter
if [ -f $SRDIR/saprouter ] ; then
echo “\nStarting saprouter Daemon “ | tee -a $LOGFILE
echo “----------------------------“ | tee -a $LOGFILE
$SRDIR/saprouter -r -R $SRDIR/saprouttab \
| tee -a $LOGFILE &
fi
Insert the lines before the commands to start the SAP instance.
Normally the SAProuter runs on a different computer. If this is so, this step is omitted and you start the SAProuter as described in Starting the SAProuter.
4. Maintain the route permission table in directory /usr/sap/saprouter. If you want to keep it in another directory or under a name other than saprouttab, you must specify this with the SAProuter option -R (see Option R
This should help in SAP Router configuration and installation.
