Solved: How to incorporate a new CA in STRUST

Former Member · ‎06-11-2009

Hi,

I´m setting an HTTPS RFC destination, making apropriate settings in STRUST too, and when I try to test my connection, I have and error that, traced via SMICM, tells me:

ERROR: SapSSLSessionStart(...) SSLERR_SERVER_CERT_MISMATCH

I´ve been researching, and found that my problem is that even when I added the server certificate, and the CA root certificate to STRUST, the CA must be one of the SAP recognized ones (listed in table STRUSTCERT).

In this case, the server I want to connecto to, has a certificate issued by himself as a valid CA authority, BUT that CA authority is not one the SAP listed in table STRUSTCERT.

My question is: How can i add this authority to trusted SAP Certification Authorities?

Is it possible?

Thanks in advance.

Regards,

Federico

Edited by: Federico Alvarez on Jun 11, 2009 11:27 AM

Former Member · ‎06-11-2009

Hi Frederico,

For your ICM to be able to connect as an HTTPS SSL client, you just need to add the CA (and sub CA if any) certificate of the external SSL server in the certificate list of the SSL Client entry from STRUST.

If the external server uses a self signed certificate, you need to import it in the Certificate List.

Regards,

Olivier

Former Member · ‎06-11-2009

Hi Frederico,

For your ICM to be able to connect as an HTTPS SSL client, you just need to add the CA (and sub CA if any) certificate of the external SSL server in the certificate list of the SSL Client entry from STRUST.

If the external server uses a self signed certificate, you need to import it in the Certificate List.

Regards,

Olivier

Former Member · ‎06-11-2009

Thanks once more, Oivier.

As you can see, I´m still with this requirement.

I´ll try to import the certificate again as you say; I must have done something wrong (thougt it was because of the CA not listed by SAP, but if you say it should work, it blindly trust you).

Kind regards,

Federico.