Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

VSCode UNABLE_TO_VERIFY_LEAF_SIGNATURE on-premise system with valid certificate

Go to solution
patrick_weber11
Participant

on ‎2022 Mar 14 7:10 AM

0 Likes
3,751

Hello community,

this is less a question but might be helpful for others fighting with this issue.
Related to this question here, I was still unable to connect to a on-premise S/4 (2020) system.

The system I want to connect uses an official certificate of our company, it is not a self-signed certificate but a certificate verified by a trustful and trusted vendor. To add the system as SAP system in VSCode, I ran Fiori App Generator and tried to add it as new system like this:

But it always gives me the error UNABLE_TO_VERIFY_LEAF_SIGNATURE.

I disabled all SSL related settings in VSCOde, I've installed the certificate chain over and over again and tried different nodejs settings like disable SSL_strict and also set environment variable NODE_EXTRA_CA_CERTS like described here.

Also I asked our SAP administrator to provide a HTTP connection and even this didn't work as it still keeps redirecting to HTTPS.

Luckily, I'm able to connect to an SAP ECC System (on-premise) by HTTP. I don't understand what is different here as this also uses the same certificates but it seems not to redirect for some reason. I used it to build a connection because I was interested what gets saved in which file.

After connection was set up to ECC system, I simply can change related settings (URL) like this. Please note, it still doesn't work with SSL but for some reason, HTTP works now. I also tried to build a new application with success. I got a huge list containing all active oData system of our S/4 on-premise system

The connection gets saved in a file named systems.json which is located at C:\users\<username>\.fioritools and the content looks like this.

{
  "systems": {
    "http://<url to your system>:8000/100": {
      "name": "myS4",
      "url": "http://<url to your system>:8000",
      "client": "100",
      "userDisplayName": "myUser"
    }
  }
}

So if anyone ran into the same issue, simply try to create a connection like this manually.

Hope this helps some people out there.

BR Patrick

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (1)

Accepted Solutions (1)

patrick_weber11
Participant
‎2022 Mar 14 7:12 AM

answered my own question, posted it just as reference for others as there is mostly no information available to this issue.

Show replies
Show replies

Answers (1)

Answers (1)

Shen2
Associate
Associate
‎2024 Aug 09 4:12 PM
0 Likes

I encountered a similar issue recently and found this post while searching for solution. For my scenario, the problem was the backend service has self-signed certificate. And the error was from ui5-middleware-simpleproxy. It helped to add strictSSL: false option in ui5.yaml.



Screenshot 2024-08-09 at 8.12.07 AM.png

 

Show replies
Show replies
Ask a Question