2023 Dec 06 2:14 PM
Hello,
I'm trying to connect to a URL in the same server, ( BSP applic. ) but when I try to connect to this URL I get the next error.
SSL handshake with xxxxxx.it-dc.net:8081 failed: SSSLERR_PEER_CERT_UNTRUSTED (-102)#Peer's X.509 certificate (chain) validation failed (missing trust?)##SapSSLSessionStartNB()==SSSLERR_PEER_CERT_UNT
I tried to look in STRUST transaction but there is the certificate and it doesn't look like there is any error within,
Can somebody help?
2023 Dec 06 2:24 PM
Did you look at the whole chain from the root CA downwards or just the final node?
2023 Dec 06 2:34 PM
c5e08e0478aa4727abc4482f5be390b2 when I go to STRUST, I see the certificate, I don't see any chain or anything related to that
2023 Dec 06 2:38 PM
The CA root certificate of the "peer's" certificate needs to be imported into the "Certificate List" in STRUST, most probably in the "SSL client Standard" section or the currently used "SSL client xyz" section.
2023 Dec 06 2:43 PM
2023 Dec 06 3:08 PM
No, you don't...: "Certificate List" is empty!
2023 Dec 06 3:32 PM
I think that this one is the correct, there are a certificate List.
This is the log of the error.
2023 Dec 06 3:40 PM
That one is the list for the server, but your problem is in the client. Your client does not trust the certificate of the server, therefore you need to import your server's CA root into the trust list of the client.
2023 Dec 06 3:24 PM
the chain is visible as such only in a browser, the STRUST interface will show them as separate certificates
2023 Dec 06 4:57 PM
You can check the dev_icm log for exact certificate name which is causing the problem and import the same required certificate in correct PSE file.