Architecting, installing and maintaining your SAS environment

SAS 9.4 SASDM.EXE import .cer files unattended

Accepted Solution Solved
Reply
Occasional Contributor
Posts: 7
Accepted Solution

SAS 9.4 SASDM.EXE import .cer files unattended

Is there a way to unattended add .cer files to the SAS 9.4 configuration ?

Now I need to go through the wizard which is time consuming.

 

Any idea if such a command line is possible ?


Accepted Solutions
Solution
‎10-26-2017 07:05 AM
Occasional Contributor
Posts: 7

Re: SAS 9.4 SASDM.EXE import .cer files unattended

SOLVED. I would like to share my current DOS script which works:

 

@echo off

set folder=%~dp0
if #%folder:~-1%# == #\# set folder=%folder:~0,-1%

 

rd /s /q "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAS\Utilities"
rd /s /q "%appdata%\Microsoft\Windows\Start Menu\Programs\SAS"

md "%appdata%\SAS\MetadataServerProfiles"
xcopy /e /y /r %folder%\config\*.swa "%appdata%\SAS\MetadataServerProfiles\"

 

echo install certificates
rem C:\Program Files\SASHome\SASSecurityCertificateFramework\1.1\cacerts
for /f "tokens=*" %%i in ('dir /b "%folder%\CI Certficates\"') do set cert=%%i && call :add_cert %cert%

pause
exit

 

:add_cert
echo cert %cert%
call :create_rspfile %cert%
"C:\Program Files\SASHome\SASDeploymentManager\9.4\sasdm.exe" -quiet -responsefile "%temp%\cert.rsp"
goto :eof

 

:create_rspfile
rem create response file
set rspfilelocation=%folder%\CI Certficates\%cert%
echo MANAGE_TASK=certframe_add > "%temp%\cert.rsp"
echo certframe.add.file=%rspfilelocation% >> "%temp%\cert.rsp"
goto :eof

View solution in original post


All Replies
Trusted Advisor
Posts: 1,436

Re: SAS 9.4 SASDM.EXE import .cer files unattended

[ Edited ]
Posted in reply to Pollewops

Hello @Pollewops,

 

the java keytool command is your friend, since SAS basically uses the java certificate store (SASPrivateJRE) and the certificates on the Web Server you can manage them as a normal Apache server on ht httpd-ssl.cfg file. As simple as that.

 

Google: https://www.google.nl/search?q=java+import+certificates+keytool&oq=java+import+certificates+keytool&...

 

Kind regards,

Juan

SAS Employee
Posts: 319

Re: SAS 9.4 SASDM.EXE import .cer files unattended

Posted in reply to Pollewops

@Pollewops,

 

Basically, you have to update two files in /<SASHome>/SASSecurityCertificateFramework/1.1/cacerts

 

  • trustedcerts.pem - just a text file, where you need to append your Base-64 encoded X.509 certificate
  • trustedcerts.jks - this file can be updated with Java Key Tool as was mentioned above
Solution
‎10-26-2017 07:05 AM
Occasional Contributor
Posts: 7

Re: SAS 9.4 SASDM.EXE import .cer files unattended

SOLVED. I would like to share my current DOS script which works:

 

@echo off

set folder=%~dp0
if #%folder:~-1%# == #\# set folder=%folder:~0,-1%

 

rd /s /q "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAS\Utilities"
rd /s /q "%appdata%\Microsoft\Windows\Start Menu\Programs\SAS"

md "%appdata%\SAS\MetadataServerProfiles"
xcopy /e /y /r %folder%\config\*.swa "%appdata%\SAS\MetadataServerProfiles\"

 

echo install certificates
rem C:\Program Files\SASHome\SASSecurityCertificateFramework\1.1\cacerts
for /f "tokens=*" %%i in ('dir /b "%folder%\CI Certficates\"') do set cert=%%i && call :add_cert %cert%

pause
exit

 

:add_cert
echo cert %cert%
call :create_rspfile %cert%
"C:\Program Files\SASHome\SASDeploymentManager\9.4\sasdm.exe" -quiet -responsefile "%temp%\cert.rsp"
goto :eof

 

:create_rspfile
rem create response file
set rspfilelocation=%folder%\CI Certficates\%cert%
echo MANAGE_TASK=certframe_add > "%temp%\cert.rsp"
echo certframe.add.file=%rspfilelocation% >> "%temp%\cert.rsp"
goto :eof

☑ This topic is solved.

Need further help from the community? Please ask a new question.

Discussion stats
  • 3 replies
  • 123 views
  • 0 likes
  • 3 in conversation