SUM SP13-14 – FAIL: SSSLERR_PEER_CERT_UNTRUSTED (WSATYPE_NOT_FOUND
When we are running the SUM we are getting below errors
ERROR 1 : Specify Credential Phase
The following problem has occurred during step execution: com.sap.sdt.tools.sysinfo.InstanceDetectorException: The update tool was unable to connect to the SAPControl web service on any of the detected instance numbers. Check that the SAP Start Services are running for all instances in the cluster. See SAP Note 1401712 for further information.
The update tool is unable to detect the instances information for instance number: 0 on host: null via the SAPCONTROL web service API. Either the SAP Start Service associated with this instance is not running or a required functionality is not supported by the current version of the Kernel. See SAP Note 1401712 for further information.
Sapcontrol client could not perform action get instance properties on instance 0
Return code condition success evaluated to false for process sapcontrol for action get instance properties
ERROR 2 : Execution Phase
Could not start instance with number 5. Could not send the command to start the instance with number <$$> on host <hostname>. Detected the instance check started has an Gateway feature. It cannot be handled by SUM and will be ignored. Return code condition success evaluated to false for process sapcontrol for action check started.
You need to open the corresponding INPUT_USER_PASSWORD_01.log and RESTART-SYSTEM-JAVAONLY_XX.LOG.
Jan 22, 2016 11:07:17 AM [Info ]: Process ID 49, name sapcontrol has been started.
Jan 22, 2016 11:07:17 AM [Info ]: Command line: sapcontrol -nr 0 -host localhost -user <sid>adm <SecureField> -prot NI_HTTPS -function GetInstanceProperties
Jan 22, 2016 11:07:17 AM [Info ]: Standard out: F:\sum\SUM\sdt\tmp\SAPCONTROL_GETINSTANCEPROPERTIES_0_08.OUT
Jan 22, 2016 11:07:17 AM [Info ]: Process ID 49 has been started.
Jan 22, 2016 11:07:17 AM [Info ]: Waiting for process ID 49, name sapcontrol to finish.
Jan 22, 2016 11:07:17 AM [Info ]: Process ID 49, name sapcontrol has been finished, exit code 1.
Since the exit code value is 1 , it means the sapcontrol has gone into error. So you need copied the command from the corresponding log file and run it on command prompt or os level of unix/linux. Once you fired the command you will get a error SSSLERR_PEER_CERT_UNTRUSTED (WSATYPE_NOT_FOUND)
sapcontrol -nr 0 -host localhost -user <sid>adm <SecureField> -prot NI_HTTPS -function GetInstanceProperties
sapparam: sapargv(argc, argv) has not been called!
sapparam(1c): No Profile used.
sapparam: SAPSYSTEMNAME neither in Profile nor in Commandline
FAIL: SSSLERR_PEER_CERT_UNTRUSTED (WSATYPE_NOT_FOUND: The specified class was no
t found.), SapSSLSessionStart failed in plugin_fopen()
You need to run the same command with an argument -debug
sapcontrol -nr 0 -host localhost -user <sid>adm <SecureField> -prot NI_HTTPS -function GetInstanceProperties -debug
You will get a trace of the problem with SSSLERR_PEER_CERT_UNTRUSTED (WSATYPE_NOT_FOUND)
Analyze the log. Now you need to copy the content from BEGIN CERTIFICATE to END CERTIFICATE in a notepad as below and save the notepad with .cer extension
Save the file with .cert extension.
Now you need to add this certificate in your SAPSSLC.PSE file by firing the below command.
sapgenpse maintain_pk -p SAPSSLC.PSE -a <Give the location of .cert file>
Once done , then you need to retry the step in SUM.