Skip to Content
avatar image
Former Member

Server certificate rejected by ChainVerifier

Hi,

Using a RNIF Receiver Channel configured with Certificate Logon authentication in XI 3.0,

I get the error

com.sap.aii.af.ra.ms.api.RecoverableException: java.lang.RuntimeException: Error while silently connecting: org.w3c.www.protocol.http.HttpException: iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier

The certificate I use, has a three level trust chain. A root certificate, an intermediate and the actual client/server certificate.

I read http://sapnetweavernotes.blogspot.com/2007/11/sap-xi-frequently-asked-questions.html

and put the root and the intermediate certificate in the truststore TrustedCAs in the KeyStorage

service of the visual admin. However the error

Can there still be done something else and is there definately no problem for XI 3.0 to handle certificates having trust chains greater than two?

regards

Andreas

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • May 27, 2009 at 06:37 AM

    try importing the root CA certificate in TrustedCA keystore

    i.e you will have to import the hierarchy inside the keystore

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Oct 16, 2009 at 02:05 PM

    Hi Andreas,

    I am getting the same error by implementing a server certificate with a chain of TrustedCA's.

    Do you already solved the problem?

    Regards,

    Joost

    Add comment
    10|10000 characters needed characters exceeded