Skip to Content
Nov 12, 2021 at 12:24 AM

HANA XS (on-prem) HttpClient.request:IPcon: connection to host :443 failed!; $REASON$=ssl

170 Views Last edit Nov 12, 2021 at 12:25 AM 2 rev


When I make a GET or POST http request from an .xsjs service in aN on-premise HANA server to a SAP internal web domain I get the error (hiding information from hosts) :

HttpClient.request: request failed: unable to establish connection to <hostdomain>:443 - IPcon: connection to host <hostdomain>:443 failed!; $REASON$=ssl: internal error

description = "host description";

host = "hostdomain";

port = 443;

pathPrefix = "/";

proxyType = none;

proxyHost = "proxy";

proxyPort = 8080;

authType = none;

useSSL = true;

timeout = -1;

sslHostCheck = false;

sslAuth = client;

I created a trust store for this host in XS admin tool and added all certificates available in the domain and even downloaded SAP Cloud Root CA from

This is how my trust store looks like


This is my configuration of destination


when I select certificate actions PUT CA Response on the trust store of each certificate I get:

I cannot access the server from command line. I can only use web ide and sap/hana/xs/admin.

I can successfully call the destination from node.js using the following lines of code :

 var Request = require("request");
  var XML2js = require("xml2js");

  var sslRootCAs = require("ssl-root-cas");
    .addFile("/SAP Cloud Root CA.crt")
    .addFile("/SAP Global Root CA (1).crt")
    .addFile("/SAPNetCA_G2 (5).crt");
  fs = require("fs");
      headers: {
        "Content-Type": "application/json",
      url: "https://<HOSTDOMAIN>",
    (error, response, body) => {
      if (error) {
        return console.dir(error);

When I run the openssl command on my windows computer to check the chain of certificates I only get the certificate 0.

openssl s_client -connect <hostdomain>:443 -servername <hostdomain>


And as far as I understand, it means that my destination server doesn't send the intermediate certificates. That is why I add them to the files in node.js. But I'm not able to access from my hana server and I need to access from it

I would really appreciate if someone can help me

¿Does anyone know how to correctly configure the trust store from hana xs admin tool?


hanaartifact.png (97.1 kB)
trust-store.png (387.2 kB)
certchain.png (39.1 kB)