Jco Connection test fail : Issuer of SSO ticket is...

Dear Experts,

While testing the JCO connections for Model data connections am getting

Error : com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: Issuer of SSO ticket is not authorized.

I have done the SSO configuration. I have followed all the steps suggested in others threads in scn but still am not able to solve this issue.

Please help me on this.

Regards

Sowmya

SAP Managed Tags:
PORTAL Administration and Development

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Accepted Solutions (0)

Answers (1)

HI,

Check note 1769367 - Issuer of SSO ticket is not authorized .

This might help.

Regards,

Navya

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi Navya,

I have followed the steps in the mentioned note. Still am facing same issue.

Regards

Sowmya

Please check your entries in transaction STRUSTSS02.

You must have your client in the ACL.

After that, check the SAP Logon Ticket for your system through Environment -> SAP Logon Ticket.

In the output, you can have a red alert concerning the certificate. Use the Activate button...

Hi Vijay,

Am bit confused here, am doing SSO for the first time.

In transaction STRUSTSS02, i have below Certificate Lists.

CN=NSP,

OU=J2EE,CN=NPQ

OU=J2EE,CN=NSP

CN=QLT,C=IN

All there 4 were available befor i do SSO. I have downloaded the SSO cetificate form Portal and removed the 4th entry and added again to certificate list and ACL as well.

But in ACL table now available Entries are as below.

Am doing This in client 555 and System Id :NPQ.

Please guide me if anything wrong.

Regards

Sowmya

this sso is logonticket or userid/password type?

This is Logonticket Type..

Regards

Sowmya

Do check the validity from and to Date of the certificate. Also these are the steps to export the Portal Certificate.

Download a portal server certificate ( equivalent to verify.der ) as a ZIP file under portal

1. Logon to R3

2. Enter Tcode - STRUSTSSO2

3. Double click owner certificate. - The certificate gets reflected under the 'CERTIFICATE' TAB.

4. Click Export Certificate. (Left to 'ADD Certificate List)

5. Choose Format Binary

6. Choose file export path and enter a file name and save to your local drive.

You have to double click the owner certificate and not some certificate in the certificate list. Please do verify these steps.

Hi Vijay,

This PortalVersion: "7.31". Certificates validation date is not expired.

And when i download the CErtificate from Portal nwa, it is in .crt format.

Same file i have exported and followed the steps mentioned.

and import into the ECCImporting JAVA Ticket into backend system to configure SSO

Hi Vijay,

I have downloaded new file as mentioned,

SelectSAPLogonTicketKeypair-certfrom the list of available view entries.
ChooseExport Entry.
ChooseBinary X.509 Certificate File
for the download format.

While importing this is giving Error Message Trust008, since the certificate already added

check with BASIS people

Dear Vinay,

Thanks for giving try, ill check with Basis team, Am getting another error : Cannot connect to the provider in UWL. Who has to do the RFC destination connections? Basis people or Portal consultant?

RFC destination connections means SLD and JCO's

Cannot connect to the provider in UWL

try this

(UWL)Error message while trying to connect to provider - Technology Troubleshooting Guide - SCN Wiki

i have gone through all the links, Since RFC Destinations are already created , am just verifying it.

Here SLD connections are working fine. JCO are not working because of SSO.

Now the main issue is SSO. Not able to find the solution for this

Ask a Question

Top Q&A Solution Author

User

Count