Hi Experts, I managed to solve this issue in DEV server with below steps.
- generated the PSE from gateway server and backend server
- Run below script
D:\sapcrypto>sapgenpse.exe maintain_pk -a D:\usr\sap\W03\W06\sec\GD3_W1.pse -p D :\usr\sap\W03\W06\sec\SAPSSLC.pse
maintain_pk for PSE "D:\usr\sap\W03\W06\sec\SAPSSLC.pse"
However, i got below error when repeating the steps in QA server.
[Thr 4256] SecuSSL_SessionStart: SSL_connnect() failed (536872221/0x2000051d) [Thr 4256] => "Failed to verify peer certificate. Peer not trusted." [Thr 4256] >> ---------- Begin of Secu-SSL Errorstack ---------- >>[Thr 4256] 0x2000051d | SAPCRYPTOLIB | SSL_connect [Thr 4256] SSL API error [Thr 4256] Failed to verify peer certificate. Peer not trusted. [Thr 4256] 0xa0600203 | SSL | ssl_verify_peer_certificates [Thr 4256] Peer not trusted [Thr 4256] 0xa0600297 | SSL | ssl_cert_checker_verify_certificates [Thr 4256] peer certificate (chain) is not trusted
I suspect that the script is not updating the PSE into SAPSSLC when i executed the scripts as below.
D:\sapcrypto>sapgenpse.exe maintain_pk -a D:\usr\sap\W03\W06\sec\GP3_W1.pse -p D :\usr\sap\W03\W06\sec\SAPSSLC.pse maintain_pk for PSE "D:\usr\sap\W03\W06\sec\SAPSSLC.pse" PKList NOT changed (2 entries total)
I have not idea why the script is not updating the SAPSSLC.
Please advise if you have any idea.
Thank you.
BRs, Por.