Skip to Content

How to check supported outbound cipher suites

This blog shows an easy way to determine supported outbound (client) cipher suites in PI / PO.

The key element to determine the supported cipher suites in an easy way is to use the internet tool “How’s my SSL?” (

The trick is, to setup a dummy ICO / IFlow using a receiver channel pointing to the api version of How’s my SSL. It’s easy to test it using the send test message

feature within PI / PO, but you can also use a synchronous sender channel (E. g. To call the interface with SOAP UI).

Attached you can find screenshot showing a dummy IFlow:



SOAP Receiver Channel:


Empty test message:


Result showing supported client cipher suites:


Attention: In PO Version (7.31 SP17) the HTTP_AAE adapter does not seem to use the IAIK library. We implemented SAP note 2284059

and get this result.






























“tls_version”:”TLS 1.0″


Further details about IAIK and TLS 1.2 can be found in this previous blog post: Outbound support for TLS 1.1/1.2

You must be Logged on to comment or reply to a post.