Skip to Content

SSOEXT with non-SAP Java system

May 17, 2017 at 11:57 AM


avatar image


I would like to use SAP SSOEXT 15 to integrate into a Java web application but get an error: CRC 5 RESULT 27 Incorrect signature or encryption. I assume I have made a mistake exporting the certificate from our NW7.4 server or importing it onto the non-SAP system.

I've used STRUST to export the 'SSF Logon Ticket/System PSE' certificate.

I'm not sure where SSOEXT would expect to find the certificate on the other server. I'm using sapssoext.jar which contains the sapcrypto and sapssoext DLLs. Would these look in the Java keystore or truststore or in the Windows certificate store? Or somewhere else entirely.

Kind regards


10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Steve Coombes May 19, 2017 at 11:36 AM

I worked it out in the end. It's quite straightforward.

I used STRUST 'Verify PSE' to create a keystore and copied it onto the non-SAP application server.

Then passed the location of the PSE into the evalLogonTicket method:

SSO2Ticket.evalLogonTicket (cookieValue, "c:\\temp\\eq1.pse", null);

10 |10000 characters needed characters left characters exceeded