To establish a trusted relationship using the OAuth 2.0 client, you must use an SSL/TLS communication channel between your service provider and the AS ABAP.
For this purpose, the service provider and the AS ABAP must trust each other. The SSL/TLS digital signature certificate of the service provider must be in the certificate list of the SSL Client Anonymous PSE of the AS ABAP.
If developers set up a certain scenario, and this service provider's SSL/TLS certificate is not in the certificate list of the AS ABAP, the system administrators will need to export the service provider's SSL/TLS signing certificate and import it into the SSL Client Anonymous PSE on the AS ABAP side. By default, you create and manage PSEs in the trust manager (see the related links).