SAP Knowledge Base Article - Preview

2230007 - Peer Certificate Rejected by ChainVerifier Error When Sending Messages from PI via SOAP/FTP

Symptom

  • The error below is thrown when processing messages through the receiver File or SOAP Adapters
    com.sap.engine.interfaces.messaging.api.exception.MessagingException: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier
  • You run an XPI Inspector trace trace using Example 50 (XI Message) for the channel which throws the error
  • Selecting the channel in the XI Channels section of the results page you see the below message under the section Verify Remote SSL Server
    Begin Analyzing Certificate Chain:
        The certificate #x was signed by the certificate #x+1
        The certificate with DN = {CN=<CN>,OU=<OU>,O=<O>,C=<C>} appears to be signed by {CN=<CN>,OU=<OU>,O=<O>,C=<C>}, however, the signing certificate was not provided in the chain.
    End Analyzing Certificate Chain.
  • The second certificate listed is the signing certificate


Read more...

Environment

  • PI Release Independent
  • SAP NetWeaver
  • SAP Process Integration

Product

SAP NetWeaver Process Integration 7.1 ; SAP NetWeaver all versions ; SAP enhancement package 1 for SAP NetWeaver Process Integration 7.1

Keywords

Process Integration 7.0, PI 7.0, PI 7.01, PI 7.02, Process Integration 7.10, PI 7.10, Process Integration 7.11, PI 7.11, Process Integration 7.30, PI 7.30, Process Integration 7.31, PI 7.31, Process Orchestration 7.4, PI 7.4, PO 7.4, XI, client, Web Service, RWB, Component Monitoring, Adapter Framework, file, root certificate, Trusted CA's, signing, server , KBA , BC-XI-CON-SOP , SOAP Adapter , BC-XI-CON-AFW-SEC , Security , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.