Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Configuring SAP Logon Ticket on WAS

Go to solution
Former Member

‎02-22-2007 3:34 PM

0 Kudos

Hi All,

I am trying to configure Logon Tickets on my WAS 6.2 System (Basis Patch Level 32 and ABAP Patch Level 57).

I have read quite a bit in the HELP and OSS but am unable to get this working.

Here is what have done so far:

In the DEFAULT.PFL file I have created the following entries

login/accept_sso2_ticket=1

login/create_sso2_ticket=2

login/ticket_expiration_time=6000

sec/libsapsecu=.\sapsecu.dll

ssf/ssfapi_lib=.\sapsecu.dll

ssf/name=SAPSECULIB

In the BSP_D00.pfl file I have the following

DIR_EXECUTABLE=.

Here is the problem. When I run transaction STRUST, I am immiediately prompted for a password for the system PSE. I have no idea what password this is. Does anyone know what I need to put in there? I have tried several things (User Pwd, etc) but I get an error. At the bottom of the screen there is also the error message

Error during test signature

Anyone have any ideas?

1 ACCEPTED SOLUTION

Go to solution
desiree_matas
Contributor

‎02-22-2007 4:52 PM

0 Kudos

Hello Alon

Did you assign a PIN when you created the PSE? If so, that is the password transaction STRUST is asking for. If the password is lost, then the only alternative is to recreate the PSE. But keep in mind that the keys stored in the PSE (private key,

own certificate, CA certificate (if available) and certificates in the certificate list) will disappear if you recreate the PSE.

If you have not used a PIN when creating the PSE, then it is possible that the PSE has become corrupted (this is the reason why the STRUST asks for the password) and then you will have to recreate the PSE again.

Some further information on SSO can be found in http://service.sap.com/security --> security in detail --> secure user access.

Best regards,

Désiré

3 REPLIES 3

Go to solution
desiree_matas
Contributor

‎02-22-2007 4:52 PM

0 Kudos

Hello Alon

Did you assign a PIN when you created the PSE? If so, that is the password transaction STRUST is asking for. If the password is lost, then the only alternative is to recreate the PSE. But keep in mind that the keys stored in the PSE (private key,

own certificate, CA certificate (if available) and certificates in the certificate list) will disappear if you recreate the PSE.

If you have not used a PIN when creating the PSE, then it is possible that the PSE has become corrupted (this is the reason why the STRUST asks for the password) and then you will have to recreate the PSE again.

Some further information on SSO can be found in http://service.sap.com/security --> security in detail --> secure user access.

Best regards,

Désiré

Go to solution
Former Member

‎02-22-2007 5:19 PM

0 Kudos

Hi Desiree,

Thank you very much for your response.

I did not assign a PIN to the PSE because I never created the PSE. From what I have read, the SYSTEM.PSE is automatically created when you launch the WAS server. I did (at one point) delete the SYSTEM.PSE and I noticed that the WAS created a brand new one. However, when I launched STRUST again it prompted me for a password/pin.

Should I create my own PSE or can I use the SYSTEM.PSE. I plan on using my own certificate as this is just a proof of concept system.

Regards,

Alon

Go to solution
Former Member

‎10-01-2007 11:37 AM

0 Kudos

Hi Alon,

Give the password of J2ee_admin or Administrator which you use for entering into visual admin.

Regards,

Madhusudhan