- You need to enable TLS 1.1 and 1.2 in your SAP NetWeaver Application Server Java for outgoing connections (i.e. NW Java as a client).
- You may have read the SAP Notes 2284059 or 2503155, but you are not sure if your AS Java is already compliant with TLS 1.1 or 1.2.
Important: This article is applicable to communication scenarios that use the IAIK SSL library (mentioned in the SAP Notes above). If an application uses the underlying SAP JVM/JDK for TLS communication, it is needed to run SAP JVM 6.1.093 or higher patch (for NW 7.20, 7.3x, 7.40), or SAP JVM 8 (NW 7.5). In order to determine whether the application uses IAIK or the JVM, the traces of a TLS connection/error can be analyzed to check if they include iaik* packages or javax.net.ssl* packages. SAP JVM 4 (NW 7.0x) and 5 (NW 7.1x) do not support TLS 1.1/1.2.
SAP NetWeaver Application Server Java
TLS1.0 TLS1.1 TLS1.2 SSL handshake failure IOException SSLHandshakeException Connection closed by remote host, TLS outgoing connections , KBA , BC-JAS-SEC-CPG , Cryptography , How To
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.