I only know sap note"510007 - Setting up SSL on Application Server ABAP".
If i apply the informations of this note to AS JAVA,
"The built-in defaults for the client-side enables only SSLv3 + TLSv1.0 for SAPCRYPTO 5.5.5pl28+ and CommonCryptoLib 8, corresponding to client-side protocol version flags (128+64) = 192. It is recommended to request TLS protocol version TLSv1.1 and TLSv1.2 with the flags "Best" and "NO_GAP", because only the latter is future-friendly and is fully compatible with older libraries."
i have to set the following sap profile parameters, like for example:
ssl/ciphersuites = 135:HIGH:MEDIUM:+e3DES
ssl/client_ciphersuites = 198:HIGH:MEDIUM:+e3DES
Unfortunately the AS Java already "requesting version 3.1..."
I suspect that these sap profile parameters don't work for AS JAVA?
Any experiences?
Any ideas?
Thanks in advance,
Matthias
- SAP NW PO 731 SPS12 (AS JAVA only)
- Currently we use CommonCryptoLib (SAPCRYPTOLIB) Version 8.4.37 pl40 (May 12 2015) MT-safe.
- Kernel = 721_EXT 64Bit Patch 300