Following wiki has been followed to configure SSO via SAP Web Dispatcher.
How to Configure SAP Web Dispatcher to Forward SSL Certificates for X.509 Authentication
However, SSO is still failed. Following error messages are shown in debug level dev_icm trace.
Connection (X/XXXX accepted on <hostname>:<port number> (protocol: HTTPS)
Client did not send a certificate, because client does not have a certificate (that is trusted by the server)!
Solution: Client has to be provided with a certificate that is trusted by the server
or existing client certificate has to be added to list of trusted CAs in the server PSE!
See above for trusted CAs in PSE '<path of backend server PSE file>'.
Client (SAP Web Dispatcher, pf=<path of webdispatcher profile>, pid=<process id>) used Client PSE '<path of webdispatcher client PSE>'!
Image /data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.
- Product independent
- Release independent
icm/verify_client / VCLIENT, PSE, STRUST, webdispatcher, x509, x.509, single sign on, Issuer certificates are trusted!, Trust cannot be verified without a certificate!, See above why client did not send a certificate!, No certificate that will be forwarded to ABAP!, icm/HTTPS/trust_client_with_issuer, icm/HTTPS/trust_client_with_subject, icm/trusted_reverse_proxy_0, icm/trusted_reverse_proxy , KBA , BC-CST-IC , Internet Communication Manager , BC-CST-WDP , Web Dispatcher , How To
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.