I have set up an HTTPS link between our SAP system and a Neptune endpoint and want it to run without the classic RFC destination in SM59. The server certificate chain is already loaded in STRUST and the relevant profile parameters have been added in RZ10, yet the handshake still fails because the certificate is not being recognised by the external system. Your task is to pinpoint and eliminate the SSL-related roadblock so the certificate is successfully presented and accepted every time the SAP system calls Neptune over HTTP/HTTPS. This may involve checking the PSE contents in STRUST, importing any missing root or intermediate certificates, adjusting ICM / SSL parameters, or correcting how the certificate is selected during the outbound call—whatever is required for a clean, trusted connection. Acceptance criteria • Outbound HTTPS call from SAP reaches the Neptune service with the certificate properly sent and validated. • No “certificate not recognised” errors in SAP ICM or application logs. • A brief change log and step-by-step summary of what was fixed so I can reproduce it in QA and Prod. Remote access can be provided via our usual secure channel, and I’m available to restart the instance or apply profile changes whenever you need. If you know SAP Basis SSL configuration inside out and can walk through network traces (STRUST, ICM, Wireshark, SAPCAR, etc.) this should be straightforward. I’m ready to start as soon as you are.