Showing results for 
Search instead for 
Did you mean: 

Enforcing server certificate authentication at client side : meaning ?

Active Participant


We have deployed this past summer SAP Hybris Cloud for Customer (formerly known as C4C) connected to our SAP ECC6 Landscape through SAPWebdisapthcer and HCI platform, in both directions (inbound/outbound).

It is working fine.

We just received some automatic email from SAP, that is creating some panic here, we have absolutely no idea of what it means :

SAP HCI will have a new server certificate and it might impact us if "if you are enforcing server certificate authentication at client side."


Is there anyone out there who can help decyphering what it means ?

I don't remember enfornign anything, I went through the HCI security Guide, no mention of "server certificate authentification at client side"

We added HCI certificates(Intermediary and Root certifivates) into SAP STRUST, SSL Client Standard :


That certificate is then used by outgoing RFC destinations to HCI


According to HCI security guide, "STRUST will be used to create a signed certificate in the PSE then when an outgoing connection is made that is using mutual authentication this certificate will be presented to the remote server to provide proof of identity"

So, is "mutual authentification" the same thing as "Enforcing server certificate authentication at client side"

I am really puzzled, any help woudl be appreciated

Thank you

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
0 Kudos

Hi Raoul,

I got the same mail and don't know what to do.

Did you get any answers so far?