SAP Sales Cloud Relationship Intelligence Setup- Generating Password Protected Self-Signed Certificate using open SSL

This series of blog posts provides a good overview of how to configure Relationship Intelligence which is now available with SAP Sales Cloud’s Intelligent Sales Add-on.

Currently, we only support integration with Office 365 hence this is a prerequisite for this solution.

Please make sure you refer to all these blogs for end-to-end setup.

  1. Setting up your Application and Distribution List/Group in the Azure portal 
  2. Generating Password Protected Self-Signed Certificate using open SSL (This Blog)
  3. Setting up Relationship Intelligence in SAP Sales Cloud (Will be released soon)

This blog will provide you guidance on how to generate a password-protected self-signed certificate. This is required to authenticate the connection between Azure and the relationship intelligence application.

The following steps will be covered

  1. Install Open SSL
  2. Generate a Private Key
  3. Generate certificate (.crt format)
  4. Upload certificate (.crt) in Azure Portal
  5. Generate Certificate  (.pks format)
  6. Upload Certificate (.pks) with password in SAP Sales Cloud
  1. The first step is to verify if you have open SSL installed in your system. To go to Terminal or command prompt and simply run “open SSL”. if it is available then it shall open. If it is not available then please refer to the Open SSL website for instructions to install it.

Check SSL Installation

2. Generate a private key.

a. Use the below command to generate the 2048-bit RSA private key

req newkey rsa:2048 keyout privatekey.key out mycsr.csr

You shall be asked for a PEM Pass phrase which is required to protect the private key files.

Do remember or note this down you will be asked to confirm this again in subsequent steps.


Create Pass Phrase

b. once the PEM Pass Phrase is created, you will be asked a few questions for information that will be included in the private key. Try to answer as appropriately as possible. You don’t have to worry much about the accuracy since this is going to be a self-signed certificate and not signed by any authority.

Provide private key Information

c. After answering all the questions, you need to maintain a challenge password. Once you enter the password and press enter your private key would have been generated in the path specified while installing open SSL.

Private Key Generated

Private%20key%20generated

Private key generated path

3. Generate Certificate

To Generate the certificate, please run the below command

x509 req days 365 in mycsr.csr signkey privatekey.key out certificate.crt

The system will ask for the PEM Pass Phrase as a confirmation. Once entered the certificate will now be generated at the same path as earlier

Certificate(.Crt) generation

Certificate generated path

4.  This certificate (.crt) created from step 3, must be updated in the Azure portal under  Manage-> Certificate and Secrets -> Upload certificate

upload .crt file in Azure portal

5. Generate PKCS certificate file

Generate the pkcs certificate file run the below command

pkcs12 export out certificate.pfx inkey privateKey.key in certificate.crt

Enter the PEM Pass Phrase that you had created earlier

Next, the system will ask you to maintain the “Export password”.

Once maintained the  certificate in .pfx format will be generated in the same path as earlier

Generating .pfx certificate 

Certificate generated path

6. This certificate in .pfx format along with the “export password” you must maintain in the relationship intelligence configuration-> server connection

By following the above steps you can generate a password-protected self-signed certificate. This is sufficient for authenticating your application with relationship Intelligence. Please note this is just one of the ways to generate the certificate using Open SSL. Do check with your IT /security team if there are any recommended approaches and tools.

For details on how to complete the setup in Sales Cloud, I shall be publishing a new blog post soon

Please do share your feedback and thoughts in the comments related to this blog post