3338197 - Error SSL handshake SSSLERR_PEER_CERT_UNTRUSTED (-102)

While performing the setup /SDF/ALM_SETUP to connect Cloud ALM with the managed system, the error "SSL handshake with <xx>:443 failed: SSSLERR_PEER_CERT_UNTRUSTED (-102)" is raised

CALM HEARTBEAT job executions fails with error "SSL handshake with <XXX>.authentication.cert.<datacenter>.hana.ondemand.com:443 failed: SSSLERR_PEER_CERT_UNTRUSTED (-102) Peer's X.509 certificate (chain) validation failed (missing trust?)" "

The following errors in dev_icm trace file are found :

ERROR: The chain of certificates is incomplete or untrusted, missing certificate of [C6:27:0A:15] CN=DigiCert G5 TLS RSA4096 SHA384 2021 CA1
FAILED: Validation of dependents - Issuer Certificate (ERROR: Issuer - No Certificates Found)

When running /n/sdf/alm_diagnostic, the following errors are logged :

• Connection failed: SSL handshake with <SAP Cloud ALM subdomain>
• Token Connection failed: SSL handshake with <SAP Cloud ALM subdomain>-cloudalm.authentication.<data center>.hana.ondemand.com:4

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

SAP Cloud ALM

proxy, /SDF/ALM_SETUP, SSL handshake, SSSLERR_PEER_CERT_UNTRUSTED (-102), SSL handshake, Failed to verify peer certificate, Peer's X.509 certificate (chain) validation failed, recurring  , KBA , SV-CLM-INF-CON , Connectivity of managed services/systems to SAP Cloud ALM , Problem