Announcement:
wanna exchange links? contact me at sapchatroom@gmail.com.
Posted by
Admin at
Hi Danny and Shashank,
Yes, I have defined JCO connection from portal to ERP and SM59 - TCP/IP connection also working. As I am able to see the R/3 screen when I try System Administration --> Support --> SAP Application --> Transaction -> Test
It takes me to R/3 screen and it says " Issuer of SSO2 ticket in not authorized" .. as per the logon ticket mechanism it should not ask me any credentials and from portal we have to access R/3 but this is not happening due to above error.
Regards,
Vinod
| | | ---------------Original Message---------------
From: vinod tammana
Sent: Friday, July 22, 2011 8:56 AM
Subject: SSO_Configuration
Hi Gurus,
I have configured SSO between R3 and EP system.SSO is giving error "Issuer of SSO ticket is not authorized.
I have configured and maintained all settings properly however SSO is not working.
I have maintained profile parameters in RZ10 and maintained FQDN.
login/create_sso2_ticket 2
login/accept_sso2_ticket 1
Even I have deleted SAPLogonTicker* & SAPLogonTicker-cert * entries fom keystore view through Visual admin tool and re created but none of my trails were sucessful.
After I recreated SAPLogonTicker entries I have observed that SAPLogonKeypair entires are missing in "keysrtoreAdministration" portal but the same is showing properly in Visual admin tool.
Portal :
*******
SAPLogonTicketKeypair :
Algorithm : DSA
Kaylength: 1024
Visual Admin Details:
* * * * * * * *
SAPLogonTicketKeypair:
PRIVATE KEY
[ creationDate ]: Fri Jul 22 13:22:57 IST 2011
[ algorithm ]: DSA
[ format ]: PKCS#8
[ selfSigned ]:
[ DN ]: OU=J2EE,CN=SNP
[ issuerDN ]: OU=J2EE,CN=SNP
[ validNotBefore ]: Fri Jul 22 13:22:56 IST 2011
[ validNotAfter ]: Tue Jul 22 13:22:56 IST 2031
[ signAlgorithm ]: dsaWithSHA (1.2.840.10040.4.3)
[ fingerprint ]: AB:8A:A3:34:EF:38:A2:8A:C0:A7:D3:22:57:CD:BE:44
[ subjectKeyIdentifier ]: <none>
[ publicKey ]:
[ algorithm ]: DSA
[ format ]: X.509
SAPLogonTicketKeypair-cert:
CERTIFICATE
[ creationDate ]: Fri Jul 22 13:22:57 IST 2011
[ DN ]: OU=J2EE,CN=SNP
[ issuerDN ]: OU=J2EE,CN=SNP
[ validNotBefore ]: Fri Jul 22 13:22:56 IST 2011
[ validNotAfter ]: Tue Jul 22 13:22:56 IST 2031
[ signAlgorithm ]: dsaWithSHA (1.2.840.10040.4.3)
[ fingerprint ]: AB:8A:A3:34:EF:38:A2:8A:C0:A7:D3:22:57:CD:BE:44
[ subjectKeyIdentifier ]: <none>
[ publicKey ]:
[ algorithm ]: DSA
[ format ]: X.509
Exported certificate and imported in STRUSTSSO2 and added to ACL. Connection test also failing with below information:
Test Connection with Connector
Test Details:
The test consists of the following steps:
1. Retrieve the default alias of the system
2. Check the connection to the backend application using the connector defined in this system object
Results
Retrieval of default alias successful
Connection failed. Make sure that Single Sign-On is configured correctly.
I see below entries in work process trace
N *** ERROR => System ID and client from ticket are not the same than mine. [ssoxxkrn.c 1061]
N *** ERROR => Neither was ticket issued by myself nor can I find issuer in TWPSSO2ACL (see note 1055856). [ssoxxkrn.c 1067]
N
N Fri Jul 22 14:00:53 2011
N *** ERROR => System ID and client from ticket are not the same than mine. [ssoxxkrn.c 1061]
N *** ERROR => Neither was ticket issued by myself nor can I find issuer in TWPSSO2ACL (see note 1055856). [ssoxxkrn.c 1067]
N *** ERROR => System ID and client from ticket are not the same than mine. [ssoxxkrn.c 1061]
N *** ERROR => Neither was ticket issued by myself nor can I find issuer in TWPSSO2ACL (see note 1055856). [ssoxxkrn.c 1067]
N
N Fri Jul 22 14:02:05 2011
N *** ERROR => System ID and client from ticket are not the same than mine. [ssoxxkrn.c 1061]
N *** ERROR => Neither was ticket issued by myself nor can I find issuer in TWPSSO2ACL (see note 1055856). [ssoxxkrn.c 1067]
N *** ERROR => System ID and client from ticket are not the same than mine. [ssoxxkrn.c 1061]
N *** ERROR => Neither was ticket issued by myself nor can I find issuer in TWPSSO2ACL (see note 1055856). [ssoxxkrn.c 1067]
N
N Fri Jul 22 14:02:31 2011
N *** ERROR => System ID and client from ticket are not the same than mine. [ssoxxkrn.c 1061]
N *** ERROR => Neither was ticket issued by myself nor can I find issuer in TWPSSO2ACL (see note 1055856). [ssoxxkrn.c 1067]
I would appreciate for any helpful suggestions.
Thanks & Regards,
Vinod |
| __.____._ Copyright © 2011 Toolbox.com and message author.
Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251
| |  vinnu_2010
SAP Basis Enthusiast
Contributed 100 posts in a group to earn a Bronze Achievement Popular White Papers
In the Spotlight  _.____.__ |
