cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

TLSV1.2 Profile parameters

former_member188791
Participant

on ‎01-20-2016 10:05 AM

0 Kudos

Hello everyone,

We want to disable SSL protocol and enable TLS protocol on our PO 7.4 single stack Java only.

We have followed the below notes and it has not helped us in anyway,

2110020 - Enabling TLS or disabling SSLv3 protocol versions on SAP WebDispatcher, or SAP WebAS (AS A...

Also we set up the profile parameters , but still we are getting Handshake failure error, the same working fine with SOAPUI.

ssl/ciphersuites            = 135:HIGH:MEDIUM:+e3DES

ssl/client_ciphersuites = 208:HIGH:MEDIUM:+e3DES

Any help appreciated.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎06-10-2016 3:45 PM
0 Kudos

Take a look at note: 2284059

Show replies
Show replies
former_member198633
Contributor
‎01-20-2016 10:31 AM
0 Kudos

Hello Rajiv,

Please check out this note:

510007 - Setting up SSL on Application Server ABAP

Point #6

Do you use the SAPCRYPTOLIB mentioned in the note?

Best Regards,

Peter

Show replies
Show replies
former_member188791
Participant
‎01-20-2016 1:21 PM
0 Kudos

Hi Peter,

We tried the above mentioned note but still its not enabling |TLS .

former_member198633
Contributor
‎01-29-2016 8:41 AM
0 Kudos

Hello Rajiv,

It is also important to mention that it is important to know that in your scenario AS Java 7.4 plays a server or a client role.

In case the AS Java 7.4 (which uses ICM) is the server, the SAP Cryptolib is used and the note above should be followed. The configuration is done by changing the ICM parameters.

When the AS Java 7.4 is a client in this scenario the SAP Java Cryptographic Toolkit is used, which at this moment does not support TLS1.2. Only TLS1.0 is supported now and the TLS1.2 support development is in progress.

Best Regards,

Peter

former_member188791
Participant
‎01-29-2016 9:21 AM
0 Kudos

Thank you Peter for your response.

I am using AS Java 7.4 as a client , if I want to use TLS1.0 do I need to do any additional config apart from importing Java cryptographic Toolkit.

former_member198633
Contributor
‎01-29-2016 11:21 AM
0 Kudos

Hello Rajiv,

Please check out this note: 1461912 - SSL Administration in a Dual-Stack Installation. And the links inside the note. These are the steps that should be followed.

Best Regards,

Peter

wilbertkarremans
Participant
‎02-17-2016 6:40 PM
0 Kudos

Hi Peter

We use SAP PI 7.30 SP05 (old). But we use CommonCryptoLib 8.4.41 pl40. We have kernel 721_EXT_REL patch number 600. We call a web SOAP (receiver) service API of PayPal which requires TLSv1.2 to my understanding. So we are the client and we are on the java stack. You wrote on 26/01/2016 that TLSv1.2 is not supported but development is in progress. My question: what is your source of this information? Is there any outlook when it becomes available? Is your remark only for AS Java 7.4 (NW) or also for NW 7.3?

Best regards;

Wilbert

former_member198633
Contributor
‎02-18-2016 9:50 AM
0 Kudos

Hello Wilbert,

When I wrote my post I consulted with the developer colleagues.

At this moment I cannot provide any ETA of this feature's availability.

In client scenarios, above 7.1 (so 7.3 and 7.4 is equivalent here from this point of view) the SAP Java Cryptograpic Toolkit is used, which currently does not have TLS1.2 support.

Best Regards,

Peter

wilbertkarremans
Participant
‎02-20-2016 9:05 AM
0 Kudos

Peter

Thank you for the reply. Currently 3 companies have issues with this. I will contact SAP support directly for this.

See: http://scn.sap.com/thread/3855131 for issue in various versions of SAP PI.

Best regards;

Wilbert

Ask a Question