Client certificate not recognized

We are using SAP business connector 4.7 and have already several customers logging in with their client certificate.

Now I have the situation that a customers clientcertificate is recognized in our test environment (separate machine) and I can see a correct username (with corresponding ACL) attached to the session in the session log.

However in our productive environment it does not recognize the client certificate as one configured with a username to it and thus the session show the user Default which does not have the correct ACL.

Our customer claims to have just one environment and thus says it sends the same client certificate.

I am now looking for a way to log the incoming certificate and why it does not find it in the configured clientcertificates.
Setting the logging of the server for facilities 66 and 67 to 10 did not give me clues to differentiate between incoming certificate, found or not found certificate.

Can anyone shed some light on this deep en dark hidden functionality ?


We have had some client certificate issues as well … The solution was reimporting the client certificate and then it worked fine for us …

We ended up actually with the same certificate being shown twice and could not delete the oldest one … but this doesn’t seems to be an issue …

We had this ‘behaviour’ when switching from the 40bit SSL towards the 128bit SSL version …