Skip to Content

Enforcing server certificate authentication at client side : meaning ?

Feb 01, 2017 at 04:22 PM


avatar image


We have deployed this past summer SAP Hybris Cloud for Customer (formerly known as C4C) connected to our SAP ECC6 Landscape through SAPWebdisapthcer and HCI platform, in both directions (inbound/outbound).

It is working fine.

We just received some automatic email from SAP, that is creating some panic here, we have absolutely no idea of what it means :

SAP HCI will have a new server certificate and it might impact us if "if you are enforcing server certificate authentication at client side."


Is there anyone out there who can help decyphering what it means ?

I don't remember enfornign anything, I went through the HCI security Guide, no mention of "server certificate authentification at client side"

We added HCI certificates(Intermediary and Root certifivates) into SAP STRUST, SSL Client Standard :


That certificate is then used by outgoing RFC destinations to HCI


According to HCI security guide, "STRUST will be used to create a signed certificate in the PSE then when an outgoing connection is made that is using mutual authentication this certificate will be presented to the remote server to provide proof of identity"

So, is "mutual authentification" the same thing as "Enforcing server certificate authentication at client side"

I am really puzzled, any help woudl be appreciated

Thank you

example.png (48.9 kB)
rfc.png (41.2 kB)
10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

avatar image
Former Member Feb 14, 2017 at 07:55 AM

Hi Raoul,

I got the same mail and don't know what to do.

Did you get any answers so far?



10 |10000 characters needed characters left characters exceeded