Skip to Content

SMD Agent verifies server identity not working


we installed new Solution Manager 7.2 SP5. The installation was succesfull and all steps System preparation, Basis Configuration and Infrasructur Preparation are green. Now we connect the Managed Systems and facing problems with security settings. We connect via MS/P4S that works fine but the "Agent verifies Server identity" doesen't work. In the logs I can see the error, that the Message Server certificate seems to be not in the Trusted CA. Usualy push the button "Update list of trusted CA" in the Agent security should be the solution. I read a lot of Wiki's and Notes but nothing help.

What is wrong?

Any help are welcome

Best regards


Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Oct 18, 2017 at 02:48 PM


    As far I know there was a bug in connectivity with P4S port. as per SAP note:

    2426821 - Activity 'Generate System-Level Metrics' fails with error: The remote Call for the generation of system-metrics templates failed - Solution Manager 7.1 & 7.2

    Please look ar notes below...

    2322555 - Connect the Diagnostics Agent to Solution Manager 7.2 using SSL

    Let me know if you still facing this issue.



    Add comment
    10|10000 characters needed characters exceeded

    • Hello Yogesh,

      sorry for the delay, I do something other things in the Project. Thanks for your quick answer, but unfortunately the problem still exist. The note 2483117 describe exactly my problem but doesen't help too. We configured the connection via MS Server with https. If we start the Message Server I can see some errors like this in the ms server log dev_ms:

      *** ERROR => MsSSLThread: SapSSLRead (rc=-10) SSSLERR_CONN_CLOSED [msxxhttp.c 6913].

      Additionally logfiles were checked: defaulttrace.trc from the cluster notes show for every connected agent:

      [DCCAgentStatusPush.register] Error to push agent event xxxxxcc

      Caused by: Peer certificate rejected by ChainVerifier

      For Server:

      Sending CA certificate to agent xxxxxxxxxxxxxxxxxxxx failed.

      Caused by: java.rmi.RemoteException: Request rejected; nested exception is: Message server certificate not in TrustedCAs

      In my opinion when we try to push the new ca list to the agent we get the error described above. Where ist the CA List saved for the agents and where i can check the content of the list. I maintain the certificates in the NWA "certificates and keys) and try lot of but nothing helps.

      Have you an idea?

      Thanks in advance