Hello Robert,

How do I set the Own Cert to by from my CA rather than a self-signed Cert?

You have to generate a certificate request, through STRUST (there is a "create certificate rewuat" button near the "owner" field).

Then, send this request to your CA and when it sends the response, you import the response back at STRUST.

I noticed that for all other PSEs the Own Certificate was self-signed except for the SSL server Standard Node. To get the node to turn back green I had to replace the current Own Certificate but it did it when a self-signed. I also added my local CAs cert to the Certificate List. Is this a problem?

No. You just need to proceed as indicated in the previous answer .

What's the relationship between the Own Certificate and the Certificate List underneath it?

"Own certificate" is the certificate itself. The certificate that will be presented to the clients, when connecting to SAP (since we are talking about the server certificate).

The "certificate list" underneath is a list of other certificates imported to the server PSE file.

Why would you need to import other certificates there? If a client has to authenticate itself using a certificate, the certificate of the CA that signed the clients' certificates has to be imported to the server PSE, so SAP can confirm the client's identity (which is possible only when you have the certificate of the CA that created the client certificate).

I'm working with my Infrastructure team and they are using a Windows Server CA to generate the cert. Since they aren't familiar with SAP and I'm not familiar with the Microsoft CA tools I'm curious if someone who might know both sides of it could help me navigate both side of this with my team.

Handover the certificate request you generated through STRUST to your infrastructure team.

They have to use the Windows CA tools to sign it, and handover the response to you.

Once you import the response at STRUST, the self-signed certificate will be replaced by your CA signed certificate.

Cheers!

Isaías