Skip to Content
avatar image
Former Member

Need help on REST API call using HTTPS

Hello Experts,

We are planning to fetch data from the website using REST API. Programming is in webdynpro ABAP.

To fetch data, We need to call API using HTTPS protocol. To create HTTP request, We have created RFC destination under 'HTTP Connections to External Server'. By default it takes HTTP and to make it HTTPS, we need to select SSL flag under 'Logon & security' tab. Problem starts here, after selecting SSL flag we were not able to connect to external website. Then we did some search and found that we will have to import certificate for external website under STRUST. We did that and it worked.

We are looking for the solution in which, we can avoid importing certificate. Because as discussed with one of the security colleague, he told us that it is not good practice. It is kind of hard coding of certificate. Can any one of you help us to connect using HTTPS to external website to fetch data.

I think this is very common use case and many would have worked on this. Please let me know if you need more information.

Best Regards,


Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Best Answer
    Oct 27, 2016 at 08:33 AM


    Idea of using HTTPS is to connect to trusted (by client) site and establish encrypted pipe.

    Your client must know something (certificate) to do this securely.

    Your security colleague have probably in mind that standard practice is to import CA certificate used to sign external website certificate.



    Add comment
    10|10000 characters needed characters exceeded

    • Former Member


      Thanks for your reply.

      Yes, I did the same. From the certificate path we can get the root. For an example for this website - has root 'VeriSign'. So, I need to import the 'VeriSign' certificate? Did you mean that?

      Is that correct way to connect using HTTPS ? Because my colleague asked me not to import any certificate and to find out other way for HTTPS connections. But I am not sure that is possible without certificate.

      Your reply will be helpful.

      Best Regards,


  • Nov 03, 2016 at 12:25 PM

    Ask him about "other ways".

    If he is a Windows person, his system is trusting many CAs out of the box.

    Add comment
    10|10000 characters needed characters exceeded