Message type: E = Error
Message class: WSS - Web Services Security
Message number: 022
Message text: No trusted certificate for SAML authentication found (DN &1&2)
The system received a SAML assertion, which is not trusted by the SAP
system.
The system issues an error message and will not allow you to continue with this transaction until the error is resolved.
The SAML assertion (issuer &V3&) is using a X.509 certificate (&V1&&V2&)
for signing, which was not trusted by the SAP system. To trus the issuer
of the SAML assertion, obtain the certificate of the SAML issuer, and
import it into the System PSE.
Please ensure user mapping has been maintained. Please refer to the SAP
documentation and note 1254821.
SAML Issuer: &V3&
Certificate DN: &V1&&V2&
If you use report RSUSREXTID for maintaing the mapping, the following
information if usefull:
Type of External ID:SA
Prefix of External Name: &V4&
Name of Issuer: &V1&&V2&
Error message extract from SAP system. Copyright SAP SE.
WSS022
- No trusted certificate for SAML authentication found (DN &1&2) ?Certainly! Here's a detailed explanation of the SAP error message: SAP Error Message: WSS022 No trusted certificate for SAML authentication found (DN &1&2)
Cause: This error occurs when the SAP system attempts to perform SAML (Security Assertion Markup Language) authentication but cannot find a trusted certificate corresponding to the Distinguished Name (DN) provided in the SAML assertion. Essentially, the system is trying to validate the signature or trust the issuer of the SAML token but fails because the certificate used to sign the SAML assertion is not present or not trusted in the SAP system's certificate store. Common reasons include: The certificate of the Identity Provider (IdP) is not imported or trusted in the SAP system. The certificate has expired or been revoked. The DN in the SAML assertion does not match any trusted certificate in the SAP system. The certificate is imported but not assigned correctly to the SAML configuration. The certificate store or trust configuration is incomplete or
Get instant SAP help. Sign up for our Free Essentials Plan.
WSS021
Message expired (&1 &2 &3 )
Self-Explanatory Message Since SAP believes that this specific error message is 'self-explanatory,' no more information has been given.The majority of...
WSS020
Signature check failed (part not signed: &1)
Self-Explanatory Message Since SAP believes that this specific error message is 'self-explanatory,' no more information has been given.The majority of...
WSS023
No mapping for SAML authentication found (Issuer &3)
What causes this issue? The system received a SAML assertion, but it did not find a usermapping to authenticate the user.System Response The system ...
WSS024
Error while creating wsse:UsernameToken.
Self-Explanatory Message Since SAP believes that this specific error message is 'self-explanatory,' no more information has been given.The majority of...
Click on this link to search all SAP messages.