Skip to Content
avatar image
Former Member

500 SSL Peer Certificate Untrusted

Hi All,

While calling a web service I am getting below Error.

500 SSL Peer Certificate Untrusted -------------------------------------------------------------------------------- SSL handshake with test.salesforce.com:443 failed: SSSLERR_PEER_CERT_UNTRUSTED (-102) The peer's X.509 Certificate (chain) is untrusted SapSSLSessionStartNB()==SSSLERR_PEER_CERT_UNTRUSTED SSL:SSL_read() failed (536872221/0x2000051d) => "Failed to verify peer certificate. Peer not trusted." SSL:SSL_get_state()==0x2131 "TLS read server certificate B" SSL NI-hdl 102: local=10.41.45.22:38025 peer=136.147.58.45:443 cli SSL session PSE "/usr/sap/DS4/D00/sec/SAPSSLC.pse" Target Hostname="test.salesforce.com" >> ---- SecuSSL ErrStack: ---- 0x2000051d | SAPCRYPTOLIB | SSL_read SSL API error Failed to verify peer certificate. Peer not trusted. 0xa0600203 | SSL | ssl3_read_bytes Peer not trusted 0xa0600203 | SSL | ssl3_connect Peer not trusted 0xa0600203 | SSL | ssl3_get_server_certificate Peer not trusted 0xa0600203 | SSL | ssl3_decode_server_certificate Peer not trusted 0xa0600203 | SSL | ssl_verify_peer_certificates Peer not trusted 0xa0600203 | SSL | ssl_cert_checker_verify_certificates Peer not trusted 0xa0600203 | SSL | ssl_cert_checker_verify_certificates Peer not trusted Certificate Certificate Subject :CN=test.salesforce.com, OU=Applications, O="Salesforce.com, Inc", L=San Francisco, SP=California, C=US Issuer :CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US Serial number :0x14e1787030cab57bb9478a32d4f4a4f4 Verification result Status :Not successful SignerStatus :Not successful SignerVerificationResult Element #1 Status :Not successful Validity :Successful BasicConstraints :Successful KeyUsage :Successful ObjectStat

500.gif (15.5 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Jun 07, 2017 at 02:22 PM

    Hello Yogendra,

    This error means that the client system does not trust the certificate sent by the server system.

    You need to import the certificate chain of the CA that signed the certificate.

    Based on the error traces, it would be the certificate for the CA called:

    CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US

    This WIKI page can assist you.

    Regards,

    IsaĆ­as

    Add comment
    10|10000 characters needed characters exceeded

    • Hello Yogendra,

      The error entries do not indicate a self-signed certificate...

      They indicate a certificated issued for:

      CN=test.salesforce.com, OU=Applications, O="Salesforce.com, Inc", L=San Francisco, SP=California, C=US

      And it issued by the CA:

      CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US

      A self-signed certificate has both the "subject" and "issuer" set to the same value.

      Regards.

      Isaías