Error in SM59 ICM_HTTP_SSL_ERROR

Hello,

I am trying to connect to a web server from SAP WebAS using HTTPS.

Accordingly i created RFC Destination of type G, activated SSL and selected ANONYM SSL Client. Also i imported the both the certificates (public and private) under SSL Client Anonymous. After importing i re-started the ICM as well (infact the server was also restarted afterwards).

Still when tried to do the test connection it gave following error "ICM_HTTP_SSL_ERROR". When looked at the trace i found following error

[Thr 2314] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL
[Thr 2314]    session uses PSE file "/usr/sap/D06/DVEBMGS06/sec/SAPSSLA.pse"
[Thr 2314] SecudeSSL_SessionStart: SSL_connect() failed  secude_error 9 (0x00000009) = "the verification of the server's certificate chain failed"
[Thr 2314] >>            Begin of Secude-SSL Errorstack            >>
[Thr 2314] ERROR in ssl3_get_server_certificate: (9/0x0009) the verification of the server's certificate chain failed
ERROR in af_verify_Certificates: (27/0x001b) Chain of certificates is incomplete : "EMAIL=email OU=TSG,
ERROR in get_path: (27/0x001b) Found root certificate of <EMAIL=email, OU=TSG, O=TEST, SP=Goergia, L=Atlant
ERROR in verify_with_PKs: (27/0x001b) Found root certificate of <EMAIL=email, OU=TSG, O=TEST, SP=Goergia, L
[Thr 2314] <<            End of Secude-SSL Errorstack
[Thr 2314]   SSL_get_state() returned 0x00002131 "SSLv3 read server certificate B"
[Thr 2314]   SSL NI-sock: local=localIP:10845  peer=targetIP:6413
[Thr 2314] <<- ERROR: SapSSLSessionStart(sssl_hdl=0x1810a56f0)==SSSLERR_SSL_CONNECT
[Thr 2314] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT {00010740} [icxxconn_mt.c 201

I had checked few notes and also one blog which describes about this error but all it says is about importing the certificates to the certificates stores which already i did. Is there something i am missing in configuration?

One thing i noticed when i imported the certificates. The OU value is different in STRUST than 'TSG' which is displayed in the error. Is it by chance looking at wrong certificate file?

Thanks in advance.

Regards

Rajeev