SAP Knowledge Base Article - Preview

2417205 - Enabling TLS 1.1 and 1.2 on NetWeaver AS Java for outgoing connections

Symptom

  • You need to enable TLS 1.1 and 1.2 in your NetWeaver Application Server Java for outgoing connections (i.e. as a client).
  • You may have read SAP Note 2284059 or 2503155, but you are not sure if your AS Java is already compliant with TLS 1.1 or 1.2.

Note: This article applies to communications that use the IAIK SSL library (mentioned in the SAP Notes above). If the application uses the underlying SAP JVM for TLS communication, it is available on SAP JVM 6 (from patch 093 onwards), 7 and 8. In order to determine whether the application uses IAIK or the JVM, the traces of a TLS connection/error can be analyzed to check if they include iaik* packages or javax.net.ssl* packages.


Read more...

Environment

SAP NetWeaver Application Server Java

Product

SAP NetWeaver Application Server for Java all versions

Keywords

TLS1.0 TLS1.1 TLS1.2 SSL handshake failure IOException SSLHandshakeException Connection closed by remote host, TLS outgoing connections , KBA , BC-JAS-SEC-CPG , Cryptography , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.