You are trying to send SAP Cloud Platform Integration messages to another system, but the following certificate error appears:
'the provided certificate is not contained in the accepted subjectAndIssuers list'
In CPI/HCI 'HTTP Trace log' you can check that the response is resulting in 403 (using DigiCert Baltimore CA-2 G2 as example):
XXXXXXX (XXXXXXXXX) - XXXXXXXX@DigiCert Baltimore CA-2 G2 [XX/May/2020:00:00:00 +0000] POST /cxf/XXXXXXXXXXXX?MessageId=XXXXXXXXXXXX&QueueId=XXXXXXXXXXXX&QualityOfService=ExactlyOnce HTTP/1.1 403 384 88 XXXX-iflmap.hcisbp.XXX.hana.ondemand.com:443
In 'LJS Trace file' the certificate is not found:
ERROR#com.sap.it.commons.http.util.CertificateHelper##XXXXXXXXXX@DigiCert Baltimore CA-2 G2#https-jsse-nio-8041-exec-16###XXXXXXXXXXXXX#XXXXXXXXXXXXXXXXX#1#Unauthorized. Subject and issuer (subject: cn=XXXXXXXXXXXXX,ou=sap cloud managed services,o=sap se,l=walldorf,st=baden-württemberg,c=de; issuer: cn=digicert baltimore ca-2 g2,ou=www.digicert.com,o=digicert inc,c=us) of the provided certificate is not contained in the accepted subjectAndIssuers list.
- SAP Cloud Platform Integration for process services 3.0
- SAP Cloud Platform Integration for process services 4.0
SAP HANA Cloud Integration, SAP HCI, SAP CPI, SCPI, tenant, IFlow, Integration Flow, deployment, HCI tooling, Certificate, Load, Balancer, 403, subjectAndIssuers, List , KBA , LOD-HCI-PI , CPI for Process Integration , Problem
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.