Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

The system is unable to interpret the SSO ticket received

Hi,

Iam getting this error in portal "com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: The system is unable to interpret the SSO ticket received" when iam testing JCO.

Let me explain you the complete scenario, I am trying to configure Portal and ABAP Backend both on a single server which in used for ESS/MSS.

In SSO2 following is the out put iam getting if i gave the server name

Issuing System for the Logon Ticket

SAP System HR6 Client 001

Certificate of the Issuing System for the Logon Ticket

Owner CN=HR6

Issuer CN=HR6

Serial Number 00

Validity 20061207 144316 20380101 000001

Check Sum 85:C8:7A:07:AD:96:09:7E:42:0B:38:43:F7:B6:A1:BC

Profile Parameters login/create_sso2_ticket = 2

System HR6 Is Creating Logon Tickets That Do not Include Its Certificate

The Current System HR6 Is Also the Issuing System for the Logon Ticket

An Entry in Certificate List of HR6 Is not Necessary

The Certificate for System HR6 Is Included In the Certificate List for System HR6

System HR6 Accepts Verified Logon Tickets for System HR6

-


Own System Data

SAP System HR6 Client 001

Profile Parameters login/accept_sso2_ticket = 1

Logon Tickets Are Accepted

Certificate List

The Certificate List Is Used To Verify the Digital Signature for the Logon Ticket

D:\usr\sap\HR6\DVEBMGS03\sec\SAPSYS.pse

Owner CN=HR6

Issuer CN=HR6

Serial Number 00

This Is the Certificate of the Issuing System for Logon Tickets

Systems for Which HR6 Accepts Verified Logon Tickets

The Access Control List Defines Which Systems the Verified Logon Tickets Are Accepted From

Table TWPSSO2ACL

SAP System HR6 Client 001

Owner CN=HR6

Issuer CN=HR6

Serial Number 00

This Is the Certificate of the Issuing System for Logon Tickets

SAP System HR6 Client 111

Owner CN=HR6

Issuer CN=HR6

Serial Number 00

<b>This Is the Certificate of the Issuing System for the Logon Ticket, But not the Corresponding System</b>

-


Application server PSE:

ID: CN=HR6

Namespace:

Profiles: D:\usr\sap\HR6\DVEBMGS03\sec\SAPSYS.pse

OK: file available, length: 2.179

OK: local PSE identical to original in database

OK: security toolkit available

Version

SSFLIB Version 1.555.21 ; SECUDE(tm) SAPCRYPTOLIB - SNC for SAP Server components and SSL - Version 5.5.5C (c) SECUDE GmbH 1990-2004

OK: signature tested successfully

Your suggestions/solutions will be rewarded.

Thanks & Regards,

Hari.

Former Member
Former Member replied

Hi,

i'm also facing same problem even though i set all parameters and certificate as per above discussion but still i'm facing same problem , can u help me in this mater

0 View this answer in context

Helpful Answer

by
Not what you were looking for? View more on this topic or Ask a question