Skip to Content
1
Former Member
Dec 13, 2013 at 10:45 AM

SNC certificate error TRUST040

536 Views

Hi All,

I am getting an error TRUST040 when trying to replace first and delete/ create SNCcryptolib certrificate in strust transaction.

I have gone through following notes but was not able to find the solution.

510007 - Setting up SSL on Web Application Server ABAP

1471126 - STRUST: How to correctly install SAPCRYPTOLIB

1375378 - Select the right version of an SAP security toolkit

397175 - SAP Cryptographic Software - Export control

455033 - SAPCRYPTOLIB versions, bugs and fixes


Environment variables,Parameteres in RZ10, sapcrytolib all are set properly as described in the sap notes.



1) Iam getting this error in solution manager

2) SNC SAProuter is also running on the same host as solution manager

3) RFC connection SM_<SID>_BACK in ECC to solman are failing with TYPE=E error


When i looked at OS level on solution manager, i found sapcryptolib.dll in two locations one under saprouter directory and other under \<sid>\exe and following are env.variables.


1) Environment Variables

a) under user variables for SIDADM

SECUDIR is set to E:\usr\sap\saprouter\

SNC_LIB is set to E:\usr\sap\saprouter\sapcryto.dll

b) Under system variables

SAPSECUDIR is set to E:\usr\sap\SID\SYS\exe\uc\NTAMD64

SECUDIR is set to e:\usr\sap\saprouter


Questions:

1) Are these env.variables correctly set ?

2) can sapcrypto.dll exist in different locations on the same host even though they are for two different purposes?


2) RZ10 Parameters, i think these are all required parameters which already exist in our system


snc/identity/as p:SAPService<SID>@DOMAIN

snc/accept_insecure_start 1

snc/accept_insecure_cpic 1

snc/accept_insecure_r3int_rfc 1

snc/accept_insercure_rfc 1

snc/accept_insecure_gui 1

snc/enable 1

ssf/name SAPSECULIB

DIR_EXECUTABLE $(DIR_INSTANCE)\exe

sec/libsapsecu E:\usr\sap\<SID>\SYS\exe\uc\NTAMD64\sapcrypto.dll

ssf/ssfapi_lib E:\usr\sap\<SID>\SYS\exe\uc\NTAMD64\sapcrypto.dll

ssl/ssl_lib E:\usr\sap\<SID>\SYS\exe\uc\NTAMD64\sapcrypto.dll

All this has started when RFC connections from ECC to solman are failing with TYPE= E error which is related to SNC.

As you can see i have done all background work before posting this and i guess iam missing something which iam unable to figure out. SO i would appreciate if you some one can help me .

Regards

Raj