Self Signed certificate for SSO22KerbMap Module

Hi,

we use the SAP EP 6.0 on Web AS 6.40. We have installed the SSO22KerbMap Module on an Exchange Server 2003. We have installed the standard portal certificate, which is available in the Web AS 6.40 ticket keystore in the SSO22KerbMap Module. With this certificate the SSO to exchange works fine.

To increase the valid date of the portal certificate, we create a new self signed certificate with the visual administrator in the Web AS 6.40 ticket keystore.

We have downloaded the public certificate and put it in a PSE-File. We have installed this PSE-file in the SSO22KerbMap Module.

Unfortunately the SSO doesn't work with this new self signed ticket. In the Log-file of the SSO22KerbMap Module are the following information:

Signature byte stream:

Encoded content byte stream:

• ERROR => Verify failed with rc = 5. [ssoxxsgn.c 142]

uResult=27.

Signature invalid.

• ERROR => MskiDefaultVerify failed with rc = 1769477. [ssoxxsgn.c 216]

• ERROR => Validate ticket failed with rc = 1769477 [wpsso_v3.c 468]

Ticket is AjExMDAgAA9wb3J0YWw6UkFKT1NFUE...

Argument Dump for ticket verification:

Content byte stream:

Signature byte stream:

Encoded content byte stream:

• ERROR => Verify failed with rc = 5. [ssoxxsgn.c 142]

uResult=27.

Signature invalid.

• ERROR => MskiDefaultVerify failed with rc = 1769477. [ssoxxsgn.c 216]

• ERROR => Validate ticket failed with rc = 1769477 [wpsso_v3.c 468]

Fri Feb 24 08:14:12 2006

Ticket is AjExMDAgAA9wb3J0YWw6UkFKT1NFUE...

Argument Dump for ticket verification:

Content byte stream:

Why doesn't work the new self signed certificate?

What must we do?

Regards,

Rainer