SAP Knowledge Base Article - Public

3121555 - [Onboarding 1.0] Error Your Seamless login has failed due to SHA-256 Certificate Update

Symptom

When customer try to come from BizX to Onboarding 1.0, we might see a ‘seamless login failed’ error. This could happen due to SHA-256 certificate update

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental." 

Environment

SAP Successfactors Onboarding 1.0

Reproducing the Issue

  1. Login to Instance
  2. Access Onboarding 1.0 dropdown from Bizx
  3. View Error "Your Seamless login has failed"

Cause

  • With our Second Half 2021 Release the SHA-1 signing mechanism in the Assertion Consumer Services (ACS) will be deprecated in favor of the SHA-256 signing certificate.
    This is being done as part of our ongoing effort to enhance security.
  • Update provided in Community Portal 

Resolution

What needs to be checked & updated:

  1. Go to Account’s Provisioning Site
  2. Authorized SP Assertion Consumer Service Settings page.




  3. Please verify whether the ‘SHA-256 Certificate’ checkbox is checked or not. If it’s unchecked, please check this checkbox and save it.
  4. Also go to Admin Centre
  5.  Authorized SP Assertion Consumer Service Settings and make sure SHA-256 Certificate option is checked against Onboarding 1.0

  6.  Then come to Super Admin site and go to the specific account
  7. Account Options
  8. Please look for ‘Security.SAML20.X509Certificate.SerialNumber
  9. Now update this account option with right serial number 494BBDA4

See Also

Keywords

SHA-256 Certificate, Onboarding 1.0, Seamless Error, ERROR [AccountName] [] [] [] KMS.XpressHR.SSO.SAML20.AssertionConsumerService - Certificate serial# [494BBDA4] does not match [XXXX]  , KBA , LOD-SF-OBD-INT , Integrations with Onboarding , Problem

Product

SAP SuccessFactors Onboarding 2111

Attachments

Pasted image.png