Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Bypassing SSL certificate check for testing purposes(Test environment)

former_member193464
Contributor
3,805

Hi All,


I am trying to call a REST service from SAP , by using Create by URL. (HTTPS path).
when trying to get a response I got the below error

SSL handshake with <server_name>:443 failed: SSSLERR_PEER_CERT_UNTRUSTED (-102)#The peer's X.509 certificate (Chain) is untrusted ##SapSSLSessionStart()==SSSLERR_PEER_CERT_UNTRUSTED........


I know we need to import the certificate for https calls but I want to know if we can bypass it for test environment
Like in .NET we have System.Net.ServicePointManager.ServerCertificateValidationCallback (( sender certificate,chain,sslPolicyErrors) => true.
to skip the SSL error for trust certificate. Can we do something like this in ABAP just for testing.


Interesting thing is the same call is working from another test environment which also does not have the certificates imported and there is no change in code in both the environments. Is there a setting in SSL which BASIS can change for calling such type of services?

I am not passing a SSL when creating it through the URL.



Thanks,
Manoj

3 REPLIES 3

balanand_s
Participant
0 Kudos
548

Hello Manoj,

Yes we can skip this by using normal HTTPS call without using client certificate. You can test your connection in that way, it is just HTTPS call there won't be any certificate validation, here we have to 443 here the certificate acts as normal SSL certificate not as CA signed client certificate. for your test you can test with ssl certificate whether you could able to get data from other systems.

BTW here you are trying the make a handshake with certificate which means you should use 8443 and 443. 8443 is for certificate validation.

Any more clarifications?

Regards,

Balanand S

0 Kudos
548

Hello Balanand,

could you kindly provide more information about the phrase "

BTW here you are trying the make a handshake with certificate which means you should use 8443 and 443. 8443 is for certificate validation." ?

Regards

Alessio

balanand_s
Participant
0 Kudos
548

Hello Alessio,

Sorry for the delayed response, Yes 443 is an normal HTTPS call with SSL Certificate.

If we are trying to authenticate with Certificate which is mutual authentication with CA signed X509 certificate, in that case we need to use 8443 then only the certificate will be validated.

Let me know if any further information required.

Regards,

Balanand S