Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to see the root certificate of the server certificate of a https conn?

Former Member

‎06-07-2010 9:30 AM

0 Kudos

Dear all,

I have a PI 7.10 system with a B2B scenario where the business partner is connected via soap + https. the message fails on the java stack with the error message:

iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier

I am pretty sure that there is a problem with the root certificate of the server certificate altough I imported the according root ca in the trusted CAs key store view.

Unfortunately, when calling the https url via the browser the root certificate has been replaced (company firewall) by an company internal certificate. so I cannot get more information on the root certificate. This root certificate replacement has been disable for the PI communication according to the firewall team.

Is there a way to get more information on the used root certificate of the server certificate during https connections in the nwa logs? Thats the only way for me to validate that the root ca replacement has been really disabled and if so what root ca is actually used...

Thanks,

Kris

1 REPLY 1

Former Member

‎06-07-2010 10:27 AM

0 Kudos

Hi,

With the java stack, it is always a nightmare to find significative logs...

What I did in a similar case, was to create an HTTP destination from transaction SM59 of the PI abap stack.

The HTTP destination points to the B2B partner URL.

You can then increase the ICM trace level and test the connection.

You will find useful certificates information in the ICM trace with transaction SMICM.

I hope this helps.

Olivier