cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Peer certificate rejected by ChainVerifier

former_member296836
Participant

on ‎06-19-2015 4:03 PM

0 Kudos

Dear all,

we are trying to establish FTPS over Proxy communication.

The FTPS is secured by SSL certifcate that I (including the intermediate and root certificates) imported

into TrustedCAs in NWA.

After this, restarted the SSL Provider in NWA -> Start&Stop -> Java EE Services

In XPI Inspector we found following error:

Catching iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier

at iaik.security.ssl.r.checkIsTrusted(Unknown Source)

at iaik.security.ssl.x.b(Unknown Source)

at iaik.security.ssl.x.a(Unknown Source)

at iaik.security.ssl.r.d(Unknown Source)

at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)

at iaik.security.ssl.SSLTransport.getInputStream(Unknown Source)

at iaik.security.ssl.SSLSocket.getInputStream(Unknown Source)

at com.sap.aii.security.lib.net.ssl.impl.IAIKSSLSocketFactoryImpl$SSLSocketImpl.getInputStream(IAIKSSLSocketFactoryImpl.java:250)

at com.sap.aii.adapter.file.ftp.FTPCtrl.initStreams(FTPCtrl.java:251)

at com.sap.aii.adapter.file.ftp.FTPTLSCtrl.readReply(FTPTLSCtrl.java:132)

at com.sap.aii.adapter.file.ftp.FTPCtrl.sendCommand(FTPCtrl.java:597)

at com.sap.aii.adapter.file.ftp.FTPTLSCtrl.sendCommand(FTPTLSCtrl.java:100)

at com.sap.aii.adapter.file.ftp.FTPCl.authTLS(FTPCl.java:1636)

at com.sap.aii.adapter.file.ftp.FTPCl.authenticate(FTPCl.java:1708)

at com.sap.aii.adapter.file.File2XI.reconnect2FTPServer(File2XI.java:3136)

at com.sap.aii.adapter.file.File2XI.invoke(File2XI.java:589)

at com.sap.aii.af.lib.scheduler.JobBroker$Worker.run(JobBroker.java:523)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:182)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:280)

In CC we maintain not the FTP server directly, but a IP Forwarder Adress in Proxy.

I checked several threads for this error message here in forum, but could not find a suitable solution.

Even the strictHostnameChecking Parameter did not worked (perhaps because of the IP Forwarder).

Any ideas?

Regards

Chris

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

PriyankaAnagani
Active Contributor
‎06-20-2015 12:45 PM
0 Kudos

Hi Christian,

PFB my suggestions

1. Reload the certificate in trusted CAs in NWA.

2. Verify the Validity of the certificate by checking Valid From and Validity To.

3. Then restart the File communication channel.

After doing the above steps also, if it is not working please check with FTP server vendor if there is any issue with the certificate

Regards,

Priyanka

Show replies
Show replies
Former Member
‎06-24-2015 11:21 AM
0 Kudos

Could you please check note 1764304 - FTPS: Server certificate rejected by ChainVerifier and see if it matches?

Ask a Question