Hi,
We recently upgraded the kernel and sap cyrptolib on one of our PI sysems (7.11 SP6 Dual Stack. CommonCryptoLib 8 Version 8.4.34.
We have three vendors, all with untrusted certificates, who we cannot communicate with any more. When we test the RFC connection we receive the following error.
[Thr 3085] SSL API error
[Thr 3085] Failed to verify peer certificate. Peer not trusted.
[Thr 3085] 0xa0600203 SSL ssl_verify_peer_certificates
[Thr 3085] Peer not trusted
[Thr 3085] 0xa0600297 SSL ssl_cert_checker_verify_certificates
[Thr 3085] peer certificate (chain) is not trusted
[Thr 3085] <<- ERROR: SapSSLSessionStart(sssl_hdl=1184803f0)==SSSLERR_PEER_CERT_UNTRUSTED
[Thr 3085] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-102): SSSLERR_PEER_CERT_UNTRUSTED {0002e2b6} [icxxconn_mt.
The connections were working prior to the upgrade. The vendors certificates are stored in the NWA Certificate store (we don't use STRUST) and have not changes.
There is nothing wrong with the certificate OR the RFC destination. I have searched SCN without a relevant hit. Can anyone help?