Skip to Content
0
Apr 21, 2017 at 07:05 PM

SSL certificate in SAPSSLS.PSE doesnt' match the one in STRUST - SSL Server Standard

4390 Views Last edit Apr 21, 2017 at 07:06 PM 2 rev

I'm trying to replace the SSL Server Standard certificate because ICM HTTPS has a certificate error: https://<server FQDN>:8443/sap/public/icman/ping

So in STRUST, I deleted the old SSL Server Standard certificate and created a new one. Signed it with our own CA and imported it in. Everything looks fine in STRUST. However, the web page is still using the self-signed certificate. I used sapgenpse.exe to check the certificate in SAPSSLS.pse. It is the same self-signed certificate from the web page.

I performed the same steps for "SSL client SSL Client (Standard)" without any problems. The certificate matched with the one from SAPSSLC.pse. Only SSL Server Standard is not matching. Did I miss a step somewhere?

I can use sapgenpse.exe to sign the certificate as a workaround. But that's not my preferred method. Plus because of the mismatch, it will cause confusions and/or problems later. Does anyone know how to fix this?

Thank you