How To Fix SCLNT_HTTP421 - SSL certificate not trusted (ICM_HTTP_SSL_PEER_CERT_UNTRUSTED)


SCLNT_HTTP421 - Overview

  • Message type: E = Error

  • Message class: SCLNT_HTTP - Messages for HTTP Client for Respective Error Code

  • Message number: 421

  • Message text: SSL certificate not trusted (ICM_HTTP_SSL_PEER_CERT_UNTRUSTED)

  • Show details Hide details
  • What causes this issue?

    The SSL certificate for the server is not known as trusted in the PSE
    file.

    System Response

    The system issues an error message and will not allow you to continue with this transaction until the error is resolved.

    How to fix this error?

    If the SSL certificate for the server is to be made trusted, it must be
    included in the list of trusted certificates in the PSE file. This can
    be done by executing transaction STRUST.

    Procedure for System Administrators


    Error message extract from SAP system. Copyright SAP SE.


Smart SAP Assistant

  • What is the cause and solution for SAP error message SCLNT_HTTP421 - SSL certificate not trusted (ICM_HTTP_SSL_PEER_CERT_UNTRUSTED) ?
    The SAP error message SCLNT_HTTP421 SSL certificate not trusted (ICM_HTTP_SSL_PEER_CERT_UNTRUSTED) indicates that the SSL certificate presented by the server is not trusted by the SAP system. This typically occurs when the certificate is self-signed, expired, or not issued by a trusted Certificate Authority (CA).
    Causes:
    
    Self-Signed Certificate: The server is using a self-signed SSL certificate that is not recognized by the SAP system.
    Expired Certificate: The SSL certificate has expired and is no longer valid.
    Untrusted CA: The certificate is issued by a CA that is not included in the trusted root CA store of the SAP system.
    Intermediate Certificates Missing: The server may not be providing the full certificate chain, leading to trust issues.
    Incorrect Hostname: The hostname in the certificate does not match the hostname being accessed.
    
    Solutions:
    
    
    Import the Certificate:
    
    If the certificate is self-signed or from an untrusted CA, you can import the certificate into the SAP system's trust store.
    Use transaction STRUST in the SAP

    Already have an account? Login here!




Instant HelpGet instant SAP help. Sign up for our Free Essentials Plan.


Related SAP Error Messages

Click the links below to see the following related messages:

Click on this link to search all SAP messages.


Rating
ERPlingo simplifies finding the accurate answers to SAP message errors. I now use every week. A must have tool for anyone working with SAP! Highly recommended!
Rate 1
Kent Bettisworth
Executive SAP Consultant