Re: Secure Login Client error ACM_ACCESS_DENIED while RFID auth

I get some logs for that error from NWA-Troubleshooting-Logs and Traces-Security Troubleshooting Wizard: SSL Diagnostics (and part of Authentication Diagnostic, i merge them together):

4:10:45:804        Debug   j2ee_gst_sls       HTTP Worker [@253558976],5,D...               ...ttpserver.HttpTraceRequest.traceRaw CLIENT: 89 [10.40.18.146 : 59408], REQUEST:

POST /SecureLoginServer/slc2/doLogin?profile=28704b4a-579d-42fd-9e13-25b4e189f27f HTTP/1.0

host: sapsls.****.local:50001

connection: close

user-agent: SAP CommonCryptoLib/8.4.42 (Windows)

content-length: 42

accept: text/xml, application/json

accept-language: ru-RU

accept-language: en-US

accept-charset: utf-8,iso-8859-1,*

content-type: application/x-www-form-urlencoded; charset=UTF-8

Client=Secure%20Login%20Client%202.0.0.0.0

14:10:45:890      Debug   j2ee_gst_sls       HTTP Worker [@764677861],5,D...               ...rver.HttpTraceResponse.traceHeaders               CLIENT: 88 [10.40.18.146 : 59407], REPLY:

HTTP/1.1 200 OK

14:15:01:095      Path       j2ee_gst_sls       HTTP Worker [@706089735],5,D...               ...e.services.httpserver.SslAttributes        client [107] RequestImpl.initSslAttributes(): Initially sslAttributes = null

14:15:01:095      Path       j2ee_gst_sls       HTTP Worker [@706089735],5,D...               ...e.services.httpserver.SslAttributes        client [107] RequestImpl.checkForSSLHeaders()(): Check for SSL headers: SSL headers NOT found; Checked headers: suiteHeaderName = [name=[SSL_CIPHER_SUITE], value=[null]], keySizeHeaderName = [name=[SSL_CIPHER_USEKEYSIZE], value=[null]], certHeaderName = [name=[SSL_CLIENT_CERT], value=[null]]

14:15:01:095      Path       j2ee_gst_sls       HTTP Worker [@706089735],5,D...               ...e.services.httpserver.SslAttributes        client [107] RequestImpl.initSslAttributes(): Cannot find SSL headers in the request.

14:15:01:096      Path       j2ee_gst_sls       HTTP Worker [@706089735],5,D...               ...e.services.httpserver.SslAttributes        client [107] SslAttributesImpl.loadSSLAttributesFromFCA(FCAConnection, int, int): Client certificate error. connection.isSecure() = true; sslAttributes = com.sap.engine.services.httpserver.server.SslAttributesImpl@11ada4fd; connection.getKeySize() = 128; connection.getCipherSuiteId() = [B@7590817e; connection.getPeerCertificateChain() = exception: Peer identity not verified sslAttributes = com.sap.engine.services.httpserver.server.SslAttributesImpl@11ada4fd, this.keySize = 128, this.cipherSuite = TLS_RSA_WITH_AES_128_CBC_SHA, this.certificates = nullThe exception is: javax.net.ssl.SSLPeerUnverifiedException: Peer identity not verified

at com.sap.bc.proj.jstartup.fca.FCAConnection.getPeerCertificateChain(FCAConnection.java:693)

at com.sap.engine.services.httpserver.server.SslAttributesImpl.loadSSLAttributesFromFCA(SslAttributesImpl.java:345)

at com.sap.engine.services.httpserver.server.RequestImpl.initSslAttributes(RequestImpl.java:198)

at com.sap.engine.services.httpserver.server.RequestAnalizer.initialize(RequestAnalizer.java:341)

at com.sap.engine.services.httpserver.server.Client.initialize(Client.java:91)

at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:473)

at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.process(Processor.java:269)

at com.sap.engine.services.httpserver.server.rcm.RequestProcessorThread.run(RequestProcessorThread.java:56)

at com.sap.engine.core.thread.execution.Executable.run(Executable.java:122)

at com.sap.engine.core.thread.execution.Executable.run(Executable.java:101)

at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:328)

14:15:01:096      Path       j2ee_gst_sls       HTTP Worker [@706089735],5,D...               ...e.services.httpserver.SslAttributes        client [107] RequestImpl.initSslAttributes(): SSL Attributes loaded from FCA.

14:10:45:890      Debug   j2ee_gst_sls       HTTP Worker [@764677861],5,D...               ...rver.HttpTraceResponse.traceHeaders               CLIENT: 88 [10.40.18.146 : 59407], REPLY:

Connection: close

Server: SAP NetWeaver Application Server 7.42 / AS Java 7.40

Date: Fri, 15 Jan 2016 11:10:45 GMT

Content-Type: application/json; charset=utf-8

Content-Length: 169

Set-Cookie: saplb_*=(J2EE4348020)4348050; Version=1; Path=/

Set-Cookie: JSESSIONID=sly_qfS-94DxskWW0SRDG94E_vpEUgGSWEIA_SAP2JZ1buM0BtMmp77LND9CVouY; Version=1; Path=/

Can you please help with this?

Thanks in advance!