DevOps and System Administration Discussions
Dive into SAP DevOps and system administration. Join discussions to collaborate on optimizing workflows, share knowledge, and leverage resources effectively.
cancel
Showing results for 
Search instead for 
Did you mean: 

SSL handshake with eu2.hana.ondemand.com:443 failed: SSSLERR_PEER_CERT_UNT

smishaqui
Discoverer
0 Kudos

Dears,

We are getting below error from SOAMANAGER while trying to ping SF webservice. I have uploaded exported SSL Certificates from S4 and added in CPI key store and imported all SAP Global root ca, ca g2, global g2 and cloud integration ceritifcate in S4 system, still we are getting the below error..?

SSL handshake with eu2.hana.ondemand.com:443 failed: SSSLERR_PEER_CERT_UNT Error Error when processing Web service call,

Thanks..

4 REPLIES 4

isaias_freitas
Advisor
Advisor
0 Kudos

Dear SM Mujeeb Ishaqui,

The SSSLERR_PEER_CERT_UNT error suggests that a certificate is still missing at your S4 system, or that the certificates were imported to the incorrect PSE file.

Did you import the certificates at the "SSL client standard" store (transaction STRUST), at the S4 system?

And if there is an SM59 HTTP destination related to this connection, open it, switch to the "logon & security" tab, and confirm that it is using the "SSL client standard" certificate ("SSL certificate" field on the bottom).

Another thing that you can confirm is that the parameters "ssl/client_sni_enabled" and "icm/HTTPS/client_sni_enabled" are set to TRUE.

Regards,

Isaías

smishaqui
Discoverer
0 Kudos

Dear Isaias,

Thanks for the response.

Yes, I have imported the certificates at SSL Client Standard in store at S4 System. Scree shot of STRUST SSL Client Standard 2. SSL is maintained in SM59 and the parameter icm/HTTPS/client_sni_enabled is set to TRUE

error1.jpg

sriramsbg
Active Contributor
0 Kudos

Hi

1. Could you share the details about your communication from cloud? are you using HCM or SAP PI/XI?

2. Refer the SAP notes 2461900, 2728600 & 2333326

Regrads

SS

gdkhaire
Explorer
0 Kudos

hi,

Import the requested certificate in Strust, In your case eu2.hana.ondemand.com:443.

1) Open the browser and hit the URL - https://eu2.hana.ondemand.com:443/

2) Just export the certificate and download it.

3) Finally import it to Strust and do the RFC test.

thanks,

Ganesh K