Skip to Content

Peer certificate rejected by ChainVerifier in file receiver communication channel


Hi,

I have been searching in SDN from last two but no thread is solving my issue.
The scenario is FTP to SFTP and there is a self signed certificate and it got expired, so imported new certificate in NWA successfully which is provided by third party system.
When i am testing it, i am geeting below error,can you please suggest how to fix it,

Attempt to process file failed with Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException: Unable to create new pooled resource: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier.

Cheers,

Giri

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

5 Answers

  • Jan 30, 2015 at 08:39 AM

    Hi,

    Try stopping and starting the channel and send a fresh message

    Br, Praveen

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jan 30, 2015 at 08:51 AM

    Hi Venkat

    Check the note mentioned in the below blog

    Thanks,

    Indrajit

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jan 30, 2015 at 09:08 AM

    Hi Venkatagiri,

    Check the below points:

    1.Check if the firewall ports are open to the server you are trying to connect.

    2.check if the CA certificates has not expired

    3. try to regenerate the certificate from your thirdparty server and then try to reimport them again in your PI Server.

    still if the issue is not solved please check the note below.

    694290 - SAP J2EE: react on expiration of VeriSign CA certificates


    Thanks,

    Naveen

    Add comment
    10|10000 characters needed characters exceeded

  • Jan 30, 2015 at 11:37 AM

    Hi Venkat,

    First your certificate got any chain certificates install all certificates in NWA, check below notes for if the host name return different IP addresses.

    1764304 - FTPS Server certificate rejected by ChainVerifier

    SAP Note 1591971 - Added property strictHostnameChecking

    If you still not resolved run the XPI inspector as mention in below note.

    1514898 - XPI Inspector for troubleshooting XI

    Regards,

    Praveen.

    Add comment
    10|10000 characters needed characters exceeded

  • Feb 02, 2015 at 12:25 AM

    Thanks Guys for your time.

    But i have checked all blogs already.Please check information below,

    1.It was working with server details  in communication channel before certificate got expired.

    2.Firewall are open.

    3.when i am using server in communnication channel,getting below error,

    Transmitting the message to endpoint <local> using connection File_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException: Unable to create new pooled resource: FTPEx: Unexpected reply codeControl connection prematurely closed by server

    4.When i am using IP address in communication channel ,getting below error,

    Transmitting the message to endpoint <local> using connection File_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException: Unable to create new pooled resource: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier

    Please note that it was working with server details in receiver communication channel.

    I feel it is a problem with certificate but third party is saying that the same certificate is working with different third party system connnected same receiver system.

    Cheers,

    Giri

    Add comment
    10|10000 characters needed characters exceeded