Skip to Content

SSL certificate configuration for HTTP RFC connection

Jan 20 at 09:17 AM


avatar image

Hi altogether,

I have a general understanding problem configuring SSL certificates for HTTP connection (type H) between frontend and backend in a Fiori environment.

Scenario is, that I like to show a WDA application in Fiori launchpad.

I think configuration in launchpad and SM59 is correct (using official SAP tutorial for adding WDAs to Fiori launchpad). When I test the connection in SM59, I get the well known "SSSLERR_PEER_CERT_UNTRUSTED"-error.

The message is clear. My understanding problem is: In which system do I have to implement which certificate through transaction STRUST? In frontend-system the certificate of backend and vice versa?

I read a lot threads belonging this error. But my simple question is not answered clearly in my found threads.

In SM59-configuration I use anonym-certificate and it gives me the warning "SSL Client PSE ANONYM does not exist".

thanks in advance and best regards


10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Dominik Bigl Jan 20 at 01:58 PM


The certificate check is done in the system where your RFC destination is defined (source system).

Create the ANONYM SSL client in Tx STRUST and add all certificates of the cert chain of the target URL (from the RFC destination) to the certificate list.



10 |10000 characters needed characters left characters exceeded
Christian Köhler Jan 22 at 07:23 AM


thank you very much for your answer. Only to be sure: So I only have to add the backend's certificate to the frontend (where I defined the RFC connection)?

best regards


10 |10000 characters needed characters left characters exceeded