In Linux servers there’s no certificate store similar to this known from Windows what actually makes entire operation much simpler. In order to make Message Broker running in Linux server trust the certificate presented by SAP service it is enough to copy its Thumbprint to Message Broker’s configuration file
| Code Block | ||
|---|---|---|
| ||
SapDefinitions:
- Id: sap1
#UserName: smr
UserName: kbp
Password:
PasswordSecure: wbXKZL7pvy4c
Url: https://172.16.50.20:443/sap/bc/srt/rfc/pacg/ecm_ws/100/pacg_ecm_ws/pacg_ecm_ws
# if SAP HTTPS certificate is not trusted by itself (e.g. not signed by trusted CA or not added to trusted certificate store)
# Message Broker can trust it if its fingerprint matches HttpsCertificateFingerprint below
HttpsCertificateFingerprint: 61A5E129460F22D0FC4345F2097F9CBD8CF744CE |
The value of HttpsCertificateFingerprint- 61A5E129460F22D0FC4345F2097F9CBD8CF744CE is copied from the certificate visible in the picture on the left
In case of providing incorrect thumbprint value following warning can be found in a log file:
It shows both expected thumbprint value (the value which is provided in the config) and value received from the server’s certificate.