Symptom
- In transaction SM21, the system logs are inundated with the warning message "SSF_KRN_VERIFY : function returned 5";
- Both the primary and secondary signing certificates are configured for SAML according to KBA 2462389, which details how to renew the IdP signing certificate on the Service Provider on NetWeaver ABAP without causing downtime;
- The primary signing certificate has expired in transaction STRUST.
"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."
Read more...
Environment
- SAP enhancement package 2 for SAP NetWeaver 7.0
- SAP NetWeaver 7.3
- SAP enhancement package 1 for SAP NetWeaver 7.3
- SAP NetWeaver 7.4
- SAP NetWeaver 7.5 and higher
Product
SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5 ; SAP enhancement package 1 for SAP NetWeaver 7.3 ; SAP enhancement package 2 for SAP NetWeaver 7.0
Keywords
trusted providers, signature and Encryption, expired signing certificate, expired certificate, Function returned 5,SAML2.0, SM21, SSF_KRN_VERIFY, Function SSF, primary signing certificate, secondary signing certificate, SSF_KRN_VERIFY : function returned 5 , KBA , BC-SEC-LGN-SML , SAML 2.0 for ABAP , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.