3000086 - HttpHandleCertificate: intermediary is NOT trusted

Symptom

In the ICM trace file (dev_icm) the following entries can be seen:

[Thr] HttpModIsReverseProxyTrustworthy: no trust relationship to intermediary specified (see documentation for parameter "icm/HTTPS/trust_client_with_issuer" or "icm/trusted_reverse_proxy")

[Thr] HttpHandleCertificate: intermediary is NOT trusted

Observation: this trace entry is relevant only if "Principal Propagation" (SAP Cloud Connector) is used, or if authentication (SSO) based on x509 certificates ("SSL client certificates") is used.

Environment

Product independent
Release independent
Client/Server Technology - ICM (Internet Communication Manager)
Client/Server Technology - Web Dispatcher
Security - Secure Sockets Layer Protocol
Java Application Server- Security, User Management / SSO, Logon

Product

ABAP platform all versions ; SAP NetWeaver all versions ; SAP Web Application Server for SAP S/4HANA all versions

Keywords

intermediary, not, trusted, HttpModIsReverseProxyTrustworthy, trust, relationship, icm/HTTPS/trust_client_with_issuer, icm/HTTPS/trust_client_with_subject, STRUST , KBA , BC-CST-IC , Internet Communication Manager , BC-JAS-COR , Enterprise Runtime, Core J2EE Framework , BC-CST , Client/Server Technology , BC-MID-SCC , SAP Cloud Connector On-Demand/On-Premise Connectivity , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.