- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- Single SignOn between Portal and OpenSSO with Logo...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Single SignOn between Portal and OpenSSO with Logon Ticket
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-19-2011 11:00 PM
I'm configuring the Single Sign On between SAP Portal and OpenSSO using
login ticket.
The certificate is generated by OpenSSO with the public-key algorithm RSA.
After inclusion of the certificate information (trustedsys, trustediss
and trusteddn) on access control list entries, executing the procedure:
"Visual administrator => Security Provider => User Management => Manage
User Stores => EvaluateTicketLoginModule => View / Change Properties".
When this information is displayed on the portal (https: / /
ephost.company.com.br: 50501/nwa) by setting: configuration => trusted
systems, is shown the error "Certificate has an invalid public-key
algorithm".
If this entry is performed directly in the portal with the procedure:
"add trusted system => by manually uploading certificate" is presented
the same error message "Certificate has an invalid public-key algorithm".
What needs to be done to solve this problem and to allow the inclusion
of the certificate with the public key algorithm RSA such a trusted system?
Thanks
Josue Neto
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2011 12:25 AM
Hi,
The problem might be in the length of the key. What version are you on and which algorithm do you sue for signing (RSA is a broad term).
Cheers
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2011 12:25 AM
Hi,
The problem might be in the length of the key. What version are you on and which algorithm do you sue for signing (RSA is a broad term).
Cheers
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2011 1:12 PM
Hi Martin, thanks by return.
The algorithm is sha1RSA, version V3, identity algorithm sha1, both public key RSA 2048 and RSA 1024.
Josue Neto
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2011 12:39 AM
Hi,
is it possible that you can try DSA instead of RSA? BTW this [blog|http://developers.sun.com/identity/reference/techart/sso.html#2] may be helpful.
Cheers
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-26-2011 8:54 PM
No, the customer use the RSA algorithm, and not accept change to DSA.
Thanks
Josue Neto
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-27-2011 12:13 AM
Hi,
the reason why I asked was that I saw somewhere in documentation that SSO uses DSA.
Cheers
- SAP Managed Tags:
- Security
