on 07-28-2012 2:03 PM
Dear Experts
we are trying to configure duet ent. but when we finished the configurations we faced security error in the sharepoint and same error when checking SCL SRTUTIL we found the same error which is
An exception occurred: Unknown signer or recipient
Unknown signer or recipient
and the error details are the following
--ERROR_INFO | |
---EXCEPTION_INFO | |
----TYPE | CX_WS_SECURITY_FAULT |
----ERROR_TEXT | An exception occurred: Unknown signer or recipient |
----CX_SOAP_CORE | |
-----E_LOCATION | |
------CLASS | CL_ST_CRYPTO_X509=============CP |
------METHOD | CL_ST_CRYPTO_X509=============CM00H |
------ID | 170 |
-----E_TEXT | CX_WS_SECURITY_FAULT:An exception occurred: Unknown signer or recipient |
-----E_ID | 1001 |
-----E_FAULT_LOCATION | 1 |
-----E_AREA | APPL |
-----E_HOST | 0 |
-----E_PROCESS_CONTROL |
please help us to find the root cause.
thanks
Sameh Essa
Hi Sameh,
This might be a SAML2 problem between SharePoint and SAP Gateway server.
Perform following checks:
1) Did you import the SharePoint STS certificate into SAP Gateway? You should then see in STRUST -> SSF SAML2 Service Provider – S, the SharePoint Security Token Service certificate: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US
2) If so: check the SAML2 settings in transaction /IWFND/WSS_SETUP: run program wss_setup from SE38 and check that TripleDesSha256Rsa15 is selected.
(you can also access the SAML2 settings via transaction SPRO -
SAP Implementation Guide \ SAP Web Appliction Server \ Gateway \ Generic Channel \ Configuration \ Connection Settings \ SAP NetWeaver Gateway to Consumer \ Configure Web Service Message-Based Authentication; this will also open transaction /IWFND/WSS_SETUP)
Best regards, William.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi William
1- yes we imported SharePoint STS certificate into our SCL System.
in STRUST we see the SharePoint Security Token Service certificate already
CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US
2-yes we checked the program wss_setup and everything is alright .
after running the program again with the algorithm and the all variables in the guide we faced another error
Value | An exception occurred: Invalid algorithm (expected http://www.w3.org/2001/04/xmldsig-more#rsa-sha256, received http://www.w3.org |
we checked the post http://scn.sap.com/thread/1972016 and we made sure we used the right BDC files
we started to configuration from the wizard and now troubleshooting from the deployment guide and from the troubleshooting document.
please advice what else can we check
thanks
Sameh Essa
Hi Sameh,
so you re-run the wss_setup with thee "TripleDesSha256RSA15" settings? Now it looks like there is a missmatch between the used algorithm suites. Please export the BDC models one more time from the Gateway system and import them again to SharePoint (you will have to remove the previous BDC models using "DuetConfig /removeBDC" first) .
Hopefully after the import in SharePoint this error will be fixed.
Regards,
Holger.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.