How To Fix 00787 - Caution: Certificate-based logon is rule-based

The SAP error message "00787 Caution: Certificate-based logon is rule-based" typically indicates an issue related to the configuration of certificate-based authentication in an SAP system. This error arises when the system is set up to use certificate-based logon, but the rules governing this logon method are not properly configured or are not being met.
Cause:

Configuration Issues: The system may not have the correct configuration for certificate-based authentication. This could include missing or incorrect entries in the profile parameters or the SSL configuration.
Rule-Based Logon: The system is expecting a specific set of rules to be followed for certificate-based logon, and these rules may not be satisfied. This could involve user roles, permissions, or specific attributes that need to be present in the certificate.
Certificate Issues: The certificate being used may not be valid, may not be trusted by the SAP system, or may not contain the necessary attributes required for authentication.

Solution:

Check Configuration: Review the configuration settings for SSL and certificate-based authentication in the SAP system. Ensure that all necessary parameters are correctly set in the instance profile.
Review Logon Rules: Check the rules defined for certificate-based logon. This may involve looking at the security policies in place and ensuring that the user’s certificate meets the required criteria.
Validate Certificates: Ensure that the certificates being used are valid, trusted, and contain the necessary attributes. You may need to check the certificate chain and ensure that the root and intermediate certificates are correctly installed in the SAP system.
User Roles and Permissions: Verify that the user attempting to log in has the appropriate roles and permissions assigned to them in the SAP system.
Consult Documentation: Refer to SAP documentation or support notes related to certificate-based authentication for specific configuration steps and troubleshooting tips.

Related Information:

SAP Notes: Check for any relevant SAP Notes that may address this specific error or provide additional guidance on configuring certificate-based logon.
SAP Community: Engage with the SAP Community forums to see if other users have encountered similar issues and what solutions they have found.
Security Configuration: Familiarize yourself with the security configuration settings in SAP, particularly those related to SSL and authentication methods.

If the issue persists after following these steps, it may be beneficial to consult with your SAP Basis team or reach out to SAP support for further assistance.