Hi All,
We are a 3rd party vendor trying to implement single sign on with the client's SAP system. Our client have provided us with a SAPSSOEXT archive that contains the library files and a sample program to verify the ticket. The application environment is running in 64bit linux OS. After installing libraries and compiling the sample C program following the instructions, we are successfully able to decrypt/verify the sample ticket provided as part of the archive.
./ssosamp -i ticket.txt -p verify.pse
***********************************************
Output of program:
***********************************************
The ticket
AjExMDABAAdTQVBVU0VSAgADOTk5AwADRVhUBAAMMjAxMTA5MDcxMDQ2BQAEAAKsYAgAAQEgABFwb3J0YWw6UE9SVEFMVVNFUogAE2Jhc2ljYXV0aGVudGljYXRpb27/AT4wggE6BgkqhkiG9w0BBwKgggErMIIBJwIBATELMAkGBSsOAwIaBQAwCwYJKoZIhvcNAQcBMYIBBjCCAQICAQEwVzBMMQswCQYDVQQGEwJERTEcMBoGA1UEChMTbXlTQVAuY29tIFdvcmtwbGFjZTERMA8GA1UECxMIU0FQIFRlc3QxDDAKBgNVBAMTA1NZUwIHIBEIJBVVSDAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTEwOTA3MTA0NjEzWjAjBgkqhkiG9w0BCQQxFgQU4lvc!J0ne0uWJDAlmYY2vGhfkq4wCQYHKoZIzjgEAwQvMC0CFCuCpBG10JDoxYQ/QgqlN!Zc7rxRAhUAiaj46GoR3Ayo2PgJFZlNwg2axL4=
was successfully validated.
User : SAPUSER
Ident of ticket issuing system:
Sysid : EXT
Client : 999
External ident of user:
PortalUsr: PORTALUSER
Auth : basicauthentication
Ticket validity in seconds:
Valid (s): 557661780
Certificate data of issuing system:
Subject : CN=SYS, OU=SAP Test, O=mySAP.com Workplace, C=DE
Issuer : CN=SYS, OU=SAP Test, O=mySAP.com Workplace, C=DE
However when we try a real ticket generated from client's SAP portal, I get the following error message: "The mySAP.com logon ticket couldn't be verified. The standard error code is 20. The SSF error code is 7."
I gather from the documentation that it means the private address book could not be loaded from the provided verify.pse file. The client has confirmed it is the right key.
Can you please help in troubleshooting this issue further?
Thanks,
Aravind.