cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

TLS 1.0 and TLS 1.1 coexisting in SAP PI

ADIDAS
Participant

on ‎05-09-2016 5:05 PM

0 Kudos

Hi,

We have got integration with few external partners using SSL. Currently all of them use TLS 1.0 but one of the partners ( Salesforce ) is disabling the TLS 1.0 and is going to support only 1.1 or higher. We have looked at the communication channel setting and do not see anything available to chose the SSL version, and if we make the changes in cryptolibrary, we think it will make it global and will disable all communication below TLS 1.1 thereby effecting our other integrations.

Any help anyone provide information on how they have achieved this kind of requirement in their landscape.

Regards,

Arunava

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member186851
Active Contributor
‎05-09-2016 7:37 PM
0 Kudos


Hello Aruna,

I believe no additional settings are required.

Check the below link

Show replies
Show replies
ADIDAS
Participant
‎05-10-2016 7:06 PM
0 Kudos

Hi,

Sorry, I might have not been clear in my communication. I am looking at a way where Salesforce integration will use TLS 1.1 and greater and other integration will use TLS 1.0 ( not SSL v3 ).

Arunava

mate_moricz
Advisor
Advisor
‎05-15-2016 10:21 AM
0 Kudos

Hello Aruna,

If your partner requires TLS 1.1 or higher your partner's server will send back the requirement to PI which will connect to your partner via the required TLS version. Also please note that TLS 1.2 support is now official. Please check note:

2284059 - Update of SSL library within NW Java server

You don't have to change anything in your system. During the initialization of the connection the partner and the PI will negotiate which TLS version to use. In case with Salesforce it will use TLS 1.1 or higher (depends on the Salesforce requirement) and in other cases it will still continue to use TLS 1.0

Regards,
Mate

Ask a Question