Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

Secure Login Web Client throws exception: java.lang.ClassNotFoundException: com.sap.securelogin.client.applet.SecureLoginClient.class

Hello Experts!

We're currently configuring SAP NW SSO 2.0 and we're getting an error when log-in to the SL Web Client having an expired certificate.

The scenario is a Secure Login Server component installed on the same SAP Application Server where a SAP SRM runs. The Secure Login Server is supposed to generate X.509 certificates in order to perform SSO against different SAP Systems in the Landscape, including the SRM server itself.

Due to customer requirements the Certificate should expire in a short time, i.e. 10 minutes.

At his point, we were able to successfully generate and X.509 certificate and use it to perform SSO against ABAP and Java Systems.

As configured, after 10 minutes, the certificate expires. If we try to log-on again to the Secure Login Web Client in order to get a new certificate an error occurs:


In the java console, the first exception we get is:

network: Connecting https://<hidden server name>:50001/SecureLoginServer/webclient/sap.com~securelogin.webclient.jar?version=1410707274078 with proxy=DIRECT

network: Connecting http://<hidden server name>:50001/ with proxy=DIRECT

security: Loading certificates from Deployment session certificate store

security: Loaded certificates from Deployment session certificate store

security: SHA-256Certificate finger print: <here fingerprint 1>

security: Checking if certificate is in Internet Explorer DISALLOWED certificate store

security: SHA-256Certificate finger print: <here fingerprint 2>

security: Checking if certificate is in Internet Explorer DISALLOWED certificate store

javax.net.ssl.SSLException: Received fatal alert: illegal_parameter

    at sun.security.ssl.Alerts.getSSLException(Unknown Source)

Workarounds:

We found the following workarounds that aren't suitable for us. We require the SL Web Client to automatically handle such situation without changes in the client machines.

1) Delete the expired certificate in IE manually and restart IE.

2) Disable in the Java Control panel "Use certificates and keys in browser keystore" and install the Secure Login Root CA certificate in the Java VM.

Any thoughts? have you faced the same issue?

Thank You!!

Diego.

Tags:

Helpful Answer

by
Not what you were looking for? View more on this topic or Ask a question