Do you have any question about this error?
Stop googling SAP errors. Use our Free Essentials plan instead - no credit card needed. Start Now →
Stop googling SAP errors. Use our Free Essentials plan instead - no credit card needed. Start Now →
Message type: E = Error
Message class: TRUST - Certificate Management
Message number: 013
Message text: Certificate no longer has signature (use restriction)
Certificates entered in the certificate list of a PSE no longer have a
signature and can therefore only be used for verifying digital
signatures. The certificate itself can no longer be verified.
The certificate you want to export comes from the certificate list of
the PSE and its use is therefore restricted (as described above).
The system issues an error message and will not allow you to continue with this transaction until the error is resolved.
Note that the exported certificate is only suitable for import into a
certificate list of a PSE.
Error message extract from SAP system. Copyright SAP SE.
TRUST013 - Certificate no longer has signature (use restriction) ?The SAP error message TRUST013 indicates that a digital certificate is no longer valid due to a signature restriction. This typically occurs when the certificate has been revoked, expired, or is otherwise deemed untrustworthy by the system.
Causes:
- Expired Certificate: The certificate has reached its expiration date and is no longer valid.
- Revoked Certificate: The certificate has been revoked by the Certificate Authority (CA) due to security concerns or other reasons.
- Signature Algorithm Issues: The certificate may use a deprecated or insecure signature algorithm that is no longer accepted by the system.
- Trust Relationship Issues: The certificate may not be trusted by the SAP system due to missing root or intermediate certificates in the trust store.
Solutions:
Check Certificate Validity:
- Verify the expiration date of the certificate. If it is expired, you will need to obtain a new certificate.
- Check if the certificate has been revoked by consulting the Certificate Revocation List (CRL) or using Online Certificate Status Protocol (OCSP).
Update the Certificate:
- If the certificate is expired or revoked, request a new certificate from the Certificate Authority (CA).
- Install the new certificate in the SAP system.
Update Trust Store:
- Ensure that the root and intermediate certificates are correctly installed in the SAP trust store. This can be done using transaction STRUST.
- Import the necessary certificates into the trust store if they are missing.
Check Signature Algorithm:
- If the certificate uses an outdated signature algorithm (like SHA-1), consider reissuing the certificate with a more secure algorithm (like SHA-256).
Reconfigure SSL/TLS Settings:
- If applicable, review and update the SSL/TLS settings in the SAP system to ensure compatibility with the new certificate.
Related Information:
By following these steps, you should be able to resolve the TRUST013 error and restore the functionality that relies on the digital certificate.
Get instant SAP help. Sign up for our Free Essentials Plan.
TRUST012 Unknown error
Self-Explanatory Message Since SAP believes that this specific error message is 'self-explanatory,' no more information has been given.The majority of...
TRUST011 No entry found
What causes this issue? The system cannot find an entry with the specified key in the database.System Response The system issues an error message an...
TRUST014 Cannot import certificate from SAP Workplace Certification Authority (CA)
Self-Explanatory Message Since SAP believes that this specific error message is 'self-explanatory,' no more information has been given.The majority of...
TRUST015 Data saved
Self-Explanatory Message Since SAP believes that this specific error message is 'self-explanatory,' no more information has been given.The majority of...
Click on this link to search all SAP messages.
ERPlingo's SAP support assistant is amazing. Saves me countless hours trying to solve complex SAP issues myself. It's a real game changer!
