SAP Knowledge Base Article - Preview

2947338 - Access denied, certificate enrollment is not allowed / HTTP 403 Forbidden - SAP Single Sign-On


  • Secure Login Client reports the error "Access denied, certificate enrollment is not allowed".
  • The Secure Login Client and Server traces show a successful log-in but a HTTP Status 403 Forbidden error during certificate creation.
  • Report SSF_CERT_RENEW on Certificate Life Cycle Management Cockpit in Java or in the sapslscli fails when trying to renew Certificate, with 403 Forbidden error in the Server traces.



  • SAP Single Sign-On 3.0
  • SAP NetWeaver Application Server Java


SAP Single Sign-On 3.0


Secure Login Server , KBA , BC-IAM-SSO-SL , Secure Login , BC-JAS-SEC-LGN , Logon, SSO , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.