Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

SPNego Doubt

Hi !

I've been setting up SSO using the SPNego wizard via http://server:port/spnego for a 740 Portal system.

Using the wizard, I was able to successfully setup SSO for Sandbox & Dev.

For Production, I see the below error when I use the Manual option under Add:

Error during generation of encryption key with type AES256-CTS-HMAC-SHA1-96: Illegal key size. Check the crypto policy file in use and also SAP Note 1240081


If I use the Keytab option under Add, I'm able to proceed successfully & SSO also works fine on Production.


In Dev & Sandbox I see 4 keys; whereas, Production does not show me the AES256 key.


Is there something amiss with my Production box, that the first option does not work ?

SP's levels are the same...SP 7...even SAP JVM...


Kindly help advise.......


Thanks a lot !

saba.



Former Member
replied

Dear Saba,

Hope you are doing good.

Nice to hear from you again.

Normally following note 1240081 should have fixed this issue. Both local_policy.jar and US_export_policy.jar files contain the unlimited versions. Please ensure that when you store new JCE files in the path sapjvm_N/jre/lib/security/, the old jar file are not presnt there, not even with new xtensions. Please move them to a different directory.

Also, the JVM location should be /usr/sap/<SID>/J<nr>/exe/sapjvm_6/jre/lib/security

even though the files will be present at:

/usr/sap/<SID/SYS/exe/jvm/

Once this is done, re-run the SPNEGO wizard again. If the issue still persists, kindly run the web diag tool as outlined in SAP Note No. 1332726.

   

Hope this helps.

_ _ _ _ _ _ _ _ _

Kind Regards,

Hemanth
SAP AGS
_ _ _ _ _ _ _ _ _
 

0 View this answer in context

Helpful Answer

by
Not what you were looking for? View more on this topic or Ask a question