Troubleshooting Single Sign-On

Provides troubleshooting information for problems that can occur when implementing single sign-on (SSO) for SAP enterprise information systems (EIS).

  • The error No suitable SAP user found for X.509-client certificate is logged on the client and SAP Mobile Server when testing SSO with an X.509 certificate on a mobile application client – during certificate generation, make sure that the user under which the dbsrv12.exe process (SAP Mobile Server) runs is the same user that generates the credential (cred_v2) file. For example, if the Processes tab of Windows Task Manager shows that dbsrv12.exe runs under the user name SYSTEM, the SYSTEM user must also generate the certificate.

    See the SAP Community Network thread at http://forums.sdn.sap.com/thread.jspa?threadID=1756876.

  • The error RFC_ERROR_LOGON_FAILURE: No suitable SAP user found for X.509-client certificate is logged on the client and SAP Mobile Server when testing SSO with an X.509 certificate on a mobile application client:
    1. If using X.509 certificate authentication, remove the JCo properties jco.client.passwd (Password) and jco.client.user (Logon User) defined for the SAP connection profile in SAP Control Center.
    2. Regenerate and redeploy the Hybrid App application and associated MBOs.
      Note: You need to remove the SAP connection properties from SAP Mobile WorkSpace.
  • Application login failures, authentication failures, and operation replay failure error messages – any of these failures may be caused by a change to the user's password on the SAP server. In some cases, you may need to create new connection profiles.

    For security reasons, the exact nature of the login failure is not returned to the client. Look at the SAP Mobile Server log for details.

  • Unexpected application behavior when you change credentials in an application – when you change a password in the client application, it changes only the password that is sent to the SAP server. To change the password that the SAP server accepts, change it at the EIS.

    You can import any valid certificate into the device's certificate store, but if the SAP server rejects it, an error is returned to the client.

  • SAP portal does not set SSO2 logon tickets – a note must be applied to the portal to get the HTTP challenge pop-up.

    Ask the Basis team to apply SAP Note 1250795 to the portal server. See https://websmp230.sap-ag.de/sap/support/notes/1250795 (requires SAP domain login).
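
For the first item above, the account check can be scripted instead of read from Task Manager. The following is an added example, not SAP-supplied code; the function name Test-CredentialFileAccount is hypothetical, and it assumes the shell is started under the account that will generate the cred_v2 file.

```powershell
# Added example: compare the account that owns dbsrv12.exe with the account
# running this shell (the one that would generate the cred_v2 file).
# Run elevated; otherwise the owner of a SYSTEM process cannot be read.
function Test-CredentialFileAccount {
    param([string]$ProcessName = 'dbsrv12.exe')

    # DOMAIN\user of the current shell, e.g. "NT AUTHORITY\SYSTEM"
    $current = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

    $procs = @(Get-CimInstance -ClassName Win32_Process -Filter "Name='$ProcessName'")
    if ($procs.Count -eq 0) {
        Write-Warning "$ProcessName is not running; nothing to compare."
        return $false
    }

    $allMatch = $true
    foreach ($p in $procs) {
        $owner = Invoke-CimMethod -InputObject $p -MethodName GetOwner
        if ($owner.ReturnValue -ne 0 -or -not $owner.User) {
            Write-Warning "PID $($p.ProcessId): owner not readable (run this shell elevated)."
            $allMatch = $false
            continue
        }
        $account = '{0}\{1}' -f $owner.Domain, $owner.User
        if ($account -ieq $current) {
            Write-Host "PID $($p.ProcessId): runs as $account, same as the current user."
        } else {
            Write-Warning "PID $($p.ProcessId): runs as $account, but the current user is $current."
            $allMatch = $false
        }
    }
    return $allMatch
}

Test-CredentialFileAccount
```

A result of False with a mismatch warning corresponds to the condition described in the first item: the credential file would be generated by a different account than the one running SAP Mobile Server.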