Skip to end of metadata
Go to start of metadata

1.- Activate ICF service for SSL. The path is the following /sap/bc/soap/ici_ssl
Make sure that in the "Logon Data" tab for this service under "Security Requirement"section, "SSL" is checked.
2.- Switch your communication for CMS -> CRM to HTTPs model. To do so, create a RFC destination of type H pointing to one of the application servers (doesn't matter which one) of the CRM system and activating SSL for that destination in the logon / security tab. Make sure that you choose your own SSL Client Certificate.

3.- In transaction CRMM_BCB_ADM, maintain in the SESSION_DESTINATION field for the Communication the previously created RFC destination :

4.- If you are upgrading from CRM7.0 to CRM7.01, make sure that SAP note 1571486  is in place.


  1. Hi Joaquin,

         I have an issue about the step 2, when I test the RFC connection I still receive ICM_HTTP_SSL_ERROR and if I look the ICM Log I see the following error :

    *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL

       session uses PSE file "/usr/sap/SR1/DVEBMGS01/sec/SAPSSLC.pse"

    SecudeSSL_SessionStart: SSL_connect() failed

      secude_error 9 (0x00000009) = "the verification of the server's certificate chain failed"

    Does it required other system admin stuff on the server ?




    Please follow note 1094342 to see if this helps solve the issue. Make sure the  "ici_ssl" service is active.
     -Lloyd Goveia