SAP Knowledge Base Article - Preview

3252926 - SSL does not work between AS Java and Remote System - Peer sent alert: Alert Fatal: unknown ca

Symptom

  • An SSL/TLS connection to an external server from the AS Java fails with "Peer certificate rejected by ChainVerifier".
  • An SSL trace with IAIK debug records (see SAP KBA 2673775) shows the following messages:

    [...]
    ssl_debug(51): Received alert message: Alert Fatal: unknown ca
    SSLException while handshaking: Peer sent alert: Alert Fatal: unknown ca
    [...]


Read more...

Environment

SAP NetWeaver Application Server Java using SSL for outgoing connection

Product

SAP NetWeaver Application Server for Java all versions ; SAP NetWeaver all versions

Keywords

SSl trust, certificate, trusted certificate, The default IAIK chain verifier does not trust this chain, The default IAIK chain verifier does not trust this chain! , KBA , BC-JAS-SEC-CPG , Cryptography , BC-JAS-SEC , Security, User Management , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.