In Linux servers there’s no certificate store similar to this known from Windows what actually makes entire operation much simpler. In order to make Message Broker running in Linux server trust the certificate presented by SAP service it is enough to copy its Thumbprint to Message Broker’s configuration file
SapDefinitions: - Id: sap1 #UserName: smr UserName: kbp Password: PasswordSecure: wbXKZL7pvy4c Url: https://172.16.50.20:443/sap/bc/srt/rfc/pacg/ecm_ws/100/pacg_ecm_ws/pacg_ecm_ws # if SAP HTTPS certificate is not trusted by itself (e.g. not signed by trusted CA or not added to trusted certificate store) # Message Broker can trust it if its fingerprint matches HttpsCertificateFingerprint below HttpsCertificateFingerprint: 61A5E129460F22D0FC4345F2097F9CBD8CF744CE
The value of HttpsCertificateFingerprint - 61A5E129460F22D0FC4345F2097F9CBD8CF744CE is copied from the certificate visible in the picture on the left
In case of providing incorrect thumbprint value following warning can be found in a log file: