/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
Even with all certificates imported correctly, SSL handshake is returning SSSLERR_SERVER_CERT_MISMATCH if "localhost" is the hostname called to stablish the connection.
Below is an example of ICM trace (dev_icm) showing described scenario:
Target Hostname="localhost"
SSL NI-hdl 228: local=127.0.0.1:<port> peer=127.0.0.1:<port>
<<- ERROR: SapSSLSessionStartNB(sssl_hdl=7f11b809fdb0)==SSSLERR_SERVER_CERT_MISMATCH
*** ERROR => SSL handshake with localhost:<port> failed: SSSLERR_SERVER_CERT_MISMATCH (-30)
Server certificate not valid for supplied TargetHostname (fatal rfc2818 section 3.1 mismatch)
SapSSLSessionStartNB()==SSSLERR_SERVER_CERT_MISMATCH
TLSextSNI srv_name = "localhost"
TargetHostname = "localhost"
ServerCert.subject = <CN=.., O=..,>
ServerCert.issuer = <..>
ServerCert.SANs = <..>
SSL NI-hdl 228: local=127.0.0.1:<port> peer=127.0.0.1:<port>
peer certificate: SUBJECT="<..>"
<<- ERROR: SapSSLSessionStartNB(sssl_hdl=7f11a0044100)==SSSLERR_SERVER_CERT_MISMATCH
*** ERROR => SSL handshake with <real hostname>:<port> failed: SSSLERR_SERVER_CERT_MISMATCH (-30)
Server certificate not valid for supplied TargetHostname (fatal rfc2818 section 3.1 mismatch)
Read more...
Environment
SAP NetWeaver all versions
SAP S/4HANA all versions
Keywords
SSSLERR_SERVER_CERT_MISMATCH, localhost , KBA , BC-CST-IC , Internet Communication Manager , BC-SEC-SSL , Secure Sockets Layer Protocol , BC-SEC-SSF , Secure Store and Forward , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)