Dear Experts

Facing to following problem:

IPs and names replaced with X.

I had to change the connection to content server to HTTPS. In IIS everything seems fine and the following page can be displayed:

https://fqdn:1092/ContentServer/ContentServer.dll?serverInfo

Now to sap. There I wanted to change the repository to HTTPS and changed the SSL Port to 1092 and then following error is displayed:

Fehler bei HTTP-Zugriff: IF_HTTP_CLIENT->RECEIVE 1 SSL handshake with XXX.XXX.XXX.XXX:1092 failed: SSSLERR_PEER_CERT_UNTRUSTED (-102) The peer's X.509 C...

In ICM Trace I see the following:

[Thr 7436] <<            End of Secu-SSL Errorstack

[Thr 7436]   SSL_get_state()==0x2131 "SSLv3 read server certificate B"

[Thr 7436]   SSL NI-hdl 96: local=XXX.XXX.XXX.XXX:57991  peer=XXX.XX.XXX.XXX:1092

[Thr 7436] <<- ERROR: SapSSLSessionStart(sssl_hdl=000000002ED2E2D0)==SSSLERR_PEER_CERT_UNTRUSTED

[Thr 7436] *** ERROR => SSL handshake with XXX.XXX.XXX.XXX:1092 failed: SSSLERR_PEER_CERT_UNTRUSTED (-102)

[Thr 7436] The peer's X.509 Certificate (chain) is untrusted

[Thr 7436]

[Thr 7436] SapSSLSessionStart()==SSSLERR_PEER_CERT_UNTRUSTED

[Thr 7436]   SSL:SSL_connnect() failed  (536872221/0x2000051d)

[Thr 7436]   => "SSL API error"

[Thr 7436] >>      SecuSSL ErrStack:

[Thr 7436] 0x2000051d   SAPCRYPTOLIB   SSL_connect

[Thr 7436] SSL API error

[Thr 7436] Failed to verify peer certificate. Peer not trusted.

[Thr 7436] 0xa0600203   SSL   ssl_verify_peer_certificates

[Thr 7436] Peer not trusted

[Thr 7436] 0xa0600297   SSL   ssl_cert_checker_verify_certificates

[Thr 7436] peer certificate (chain) is not trusted

[Thr 7436] Certificate:

[Thr 7436]   Certificate:

[Thr 7436]       Subject     :CN=XXXX

[Thr 7436]       Issuer      :CN=XXXIssuingCA10, DC=XXX, DC=XXX

[Thr 7436]       Serial number:0x5f0000029aa3d4c73fef2981bc00000000029a

[Thr 7436]       Validity:

[Thr 7436]         Not before  :Mon Jul 27 16:20:44 2015

[Thr 7436]         Not after   :Sun Jul 25 16:20:44 2021

[Thr 7436]       Key:

[Thr 7436]         Key type    :rsaEncryption (1.2.840.113549.1.1.1)

[Thr 7436]         Key size    :2048

[Thr 7436]       PK_Fingerprint_MD5:3193 E726 99A2 F10C 97EA A73D CC6C 61AE

[Thr 7436]       extensions:

[Thr 7436]         AuthorityKeyId:

[Thr 7436]           Significance:Non critical

[Thr 7436]           Value:

[Thr 7436]             Key identifier (size="20" ):42F8D3D3DBA97D29F79921B8F262898FD0084A36

[Thr 7436]         SubjectKeyIdentifier:

[Thr 7436]           Significance:Non critical

[Thr 7436]           Value        (size="20" ):8BC3DAB1F979D139CAE2731DAACD5CB67CA3EB58

[Thr 7436]         Key usage:

[Thr 7436]           Significance:Critical

[Thr 7436]           Value:

[Thr 7436]             digitalSignature

[Thr 7436]             keyEncipherment

[Thr 7436]         Extended key usage:

[Thr 7436]           Significance:Non critical

[Thr 7436]           Value:

[Thr 7436]             element#no="1":ClientAuthentication (1.3.6.1.5.5.7.3.2)

[Thr 7436]             element#no="2":ServerAuthentication (1.3.6.1.5.5.7.3.1)

[Thr 7436]         Alternative names:

[Thr 7436]           Significance:Non critical

[Thr 7436]           Value:

[Thr 7436]             element#no="1":

[Thr 7436]               GN-dNSName  :XXX

Then I added this certificate to STRUST. But still facing to the same error.

Thanks for any advices.

Kind regards

Lino