2461900 - SSSLERR_PEER_CERT_UNTRUSTED error in dev_icm or dev_webdisp trace

Symptom

The TLS handshake fails and the following error (or similar) is recorded in the ICM trace (dev_icm) or SAP Web Dispatcher trace (dev_webdisp):

[Thr <thr_no>] The peer's X.509 Certificate (chain) is untrusted
[Thr <thr_no>] SapSSLSessionStartNB()==SSSLERR_PEER_CERT_UNTRUSTED
[Thr <thr_no>] SSL:SSL_read() failed (536872221/0x2000051d)
[Thr <thr_no>] => "Failed to verify peer certificate. Peer not trusted."
[Thr <thr_no>] SSL:SSL_get_state()==0x2131 "TLS read server certificate B"
[Thr <thr_no>] SSL NI-hdl 89: local=<host:port> peer=<host:port>
[Thr <thr_no>] cli SSL session PSE "X:\usr\sap\<sid>\<inst>\sec\<SAP_PSE>.pse"
[Thr <thr_no>] Target Hostname="<hostname>"

Where <SAP_PSE> can be any PSE. For example:

Anonymous: SAPSSLA
Standard: SAPSSLC
Server: SAPSSLS
Individual: SAPSSL<name>

Environment

SAP NetWeaver ABAP Application Server
SAP Web Dispatcher
ABAP Platform based product

Product

ABAP platform all versions ; SAP NetWeaver all versions ; SAP Web Dispatcher all versions

Keywords

The peer's X.509 Certificate (chain) is untrusted, Failed to verify peer certificate, Peer not trusted, RFC, LMDB_SYNCDEST, STRUST, PSE, Trusted certificate, Chain, ICM, Peers, Peer certificate (chain) is not trusted, issue in SSL, dev_icm, SSSLERR_PEER_CERT_UNTRUSTED, ICM_HTTP_SSL_PEER_CERT_UNTRUSTED, Fiori, My Inbox, Navigation, Gateway, upgrade, Portal, LDAPS. 636, Native SSL Error, SSSLERR_PEER_CERT_UNTRUSTED, 500 SSL Peer Certificate Untrusted , KBA , ssl handshake with , (-102) , BC-SEC-SSL , Secure Sockets Layer Protocol , BC-CST , Client/Server Technology , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.