Thanks for your reply.
In fact, it works fine without the security profile setting in sender channel.
I use basic login for the connection to PI.
And , I choose root certificate for the issuer and partner certificate for the subject too.
By the way, I also try to generate key pair in pi to test it with the soapui tool, still report that error.