cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Business Connector 4.8 support TLS 1.2?

Go to solution
gunnlaugurth_einarsson
Participant

on ‎08-22-2016 4:50 PM

0 Kudos

Hi all.

Has anyone applied note #2316176 - SAP Business Connector 4.8 and TLS 1.2 and succesfully created a handshake with and TLS1.2 handshake?

We have applied corefix 9 and hotfix 1 but still not able to connect.

This is from the debug log:

ssl_debug(2): Starting handshake (iSaSiLk 5.104)...

ssl_debug(2): Sending v3 client_hello message to b2b.fbl.is:443, requesting version 3.3...

ssl_debug(2): Sending extensions: renegotiation_info (65281), signature_algorithms (13)

ssl_debug(2): Received alert message: Alert Fatal: handshake failure

ssl_debug(2): SSLException while handshaking: Peer sent alert: Alert Fatal: handshake failure

ssl_debug(2): Shutting down SSL layer...

Please advice if you have any

Regards,

Gunnlaugur

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member186851
Active Contributor
‎08-23-2016 6:05 AM
0 Kudos

Hello Gunnlaugur,

Check if the below link helps

Show replies
Show replies
gunnlaugurth_einarsson
Participant
‎08-26-2016 2:26 PM
0 Kudos

This was solved by the service provider as they added a less restrictied algorithm to their cipher suite. SAPBC guys from SAP where not able to hotfix this.

Answers (1)

Answers (1)

ralf_wahlen3
Active Participant
‎09-14-2016 1:47 PM
0 Kudos

Hi there.

so what i see, on SAP BC 4.8 its not still working in 09/2016. We added the corepatch9 and HotFix1for corefix9 to our BC 4.8 SR11 and the java -version shows= 6.1.094 JVM after Upgrade from SAP JVM5 to 6. Still the old version of ssl standard 56bit occours in the about section of the BC Admin console is shown. the iaik 3.18 is still shown in the section SSL. What we do wrong? We followed Snote 2316176, changed the server.sh and also upgrade our SLES to 11.4!!( The first step)!!

SAP Note 2346928 - SAP JVM 6.1 Patch Collection 88 (Build 6.1.093) read, solution:SAP JVM 6.1 Patch Collection 88 Build 6.1.093.Updates from Oracle JDK 6u121 are now integrated. ( Backport from TLSv1.2 in JDK 6).

From the BC Admin Guide we added the params:

watt.net.ssl.client.handshake.maxVersion=tls12

Max ssl client handshake version.

watt.net.ssl.client.handshake.minVersion=tls

Min ssl client handshake version.

watt.net.ssl.client.strongcipheronly=true

If set to true, BC allows only strong encryption.

Please give us an advice, because we send our communications to the goverm. over the BC 4.8!

Greets

Ralf

Show replies
Show replies
gunnlaugurth_einarsson
Participant
‎09-20-2016 12:01 PM
0 Kudos

Hi Ralf.

We haven't fixed this in SAPBC, and according to response from SAP Service they haven't fixed this either.

So what we did was to ask the service provider to lower the security settings.

Ask a Question