Skip to Content

SSL certificate configuration for HTTP RFC connection

Hi altogether,

I have a general understanding problem configuring SSL certificates for HTTP connection (type H) between frontend and backend in a Fiori environment.

Scenario is, that I like to show a WDA application in Fiori launchpad.

I think configuration in launchpad and SM59 is correct (using official SAP tutorial for adding WDAs to Fiori launchpad). When I test the connection in SM59, I get the well known "SSSLERR_PEER_CERT_UNTRUSTED"-error.

The message is clear. My understanding problem is: In which system do I have to implement which certificate through transaction STRUST? In frontend-system the certificate of backend and vice versa?

I read a lot threads belonging this error. But my simple question is not answered clearly in my found threads.

In SM59-configuration I use anonym-certificate and it gives me the warning "SSL Client PSE ANONYM does not exist".

thanks in advance and best regards

Christian

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Jan 20 at 01:58 PM

    Hi

    The certificate check is done in the system where your RFC destination is defined (source system).

    Create the ANONYM SSL client in Tx STRUST and add all certificates of the cert chain of the target URL (from the RFC destination) to the certificate list.

    regards

    Domi

    Add comment
    10|10000 characters needed characters exceeded

  • Jan 22 at 07:23 AM

    Hi,

    thank you very much for your answer. Only to be sure: So I only have to add the backend's certificate to the frontend (where I defined the RFC connection)?

    best regards

    Christian

    Add comment
    10|10000 characters needed characters exceeded