Hi,
according to the note, the following ciphers are related to the different levels:
Category Position Name of SSL
ciphersuite
-----------------------------------------------------------
HIGH 1. TLS_RSA_WITH_AES128_CBC_SHA
HIGH 2. TLS_RSA_WITH_AES256_CBC_SHA
MEDIUM 3. SSL_RSA_WITH_RC4_128_SHA
MEDIUM 4. SSL_RSA_WITH_RC4_128_MD5
HIGH 5. SSL_RSA_WITH_3DES_EDE_CBC_SHA
LOW 6. SSL_RSA_WITH_DES_CBC_SHA
EXPORT 7. SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
EXPORT 8. SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
EXPORT 9. SSL_RSA_EXPORT_WITH_RC4_40_MD5
Using
ssl/ciphersuites=HIGH:MEDIUM:!mMD5.
only ciphers 1,2,5 and 3 (in that order) should be active.
For instance based on the configuration, all usage of MD5 should be disabled. According to the screenshot, MD5 is still active. This is more than weird.
There is either something wrong with the connectivity (are you sure, they do test the right system and not some proxy?) or the configuration of the system. What is the patchlevel of the sapcryptolib?
As stated above, please check, that the parameters are active (RZ11).
Do you use icm/ssl_config_<xx> to specify port specific ssl parameters? if yes, what did you specify.
Regards,
Patrick