Hi all,
I am trying to configure a cenario using SAP NW SSO 2.0 in which users authenticate using SNC with kerberos tokens to system A, and system A communicates with system B using SNC RFC.
As described in the implementation guide:
SNC with kerberos on system A works perfectly. I've configured the SNC identity as described in the guide - CN=SAPServiceABC, OU....
On system B, I've configured snc with identity CN=SID, OU....
On system A gssapi_lib is set to the secure login library, and on system B it is set to the SAPCRYPTOLIB.
I've imported system A certificate from SNC SapCryptolib PSE into trusted certificates of system B SNC SapCryptolib PSE. I've also added system A to SNC ACL table of system B.
Eventually, I created an RFC destination with SNC from system A to System B. But when I the RFC I get the following error:
A2200210: Peer certificate verification failed.
In SLLTrace, I see the following:
[KERBEROS] [6808] ERROR(0xA2600202) in KERBEROS-> sec_kerberos_ClientGetTicket(): No kerberos ticket for requested service
[GSS][6808] Cli-40000003: Server certificate not trusted
[GSS][6808] Cli-40000003: <- Msg 1993ServerHello process failed: errval=d0000, minor_status=a2200210
Seems like I'm missing something with configuring the trust between the systems, But I can't seem to find it.
I would really appreciate your help on this.
Thanks,
Ilia Medvedev.