geferson_hess
Hi community! This is my first blog post and I hope it might help you all to Run Simple.

One of the steps in setting up SSL in the NetWeaver Application Server ABAP is configuring the available TLS protocol versions and the cipher suites.

In some scenarios, selecting the correct values can be confusing and laborious. However, there is a very useful tool, described in SAP Note 510007, that goes unnoticed by most readers.
The 'sapgenpse tlsinfo' command can be used to check what a particular value of the 'ssl/ciphersuites' and 'ssl/client_ciphersuites' parameters actually resolves to.
For recommended values, please check SAP Note 510007 and SAP Note 2384290.

The motivation of this post is to show some properties of this tool and a few worked examples.

1. The 'sapgenpse tlsinfo'

The CommonCryptoLib must be correctly installed in order to use this command. It can be run at OS level or via the 'RSBDCOS0' report in transaction 'SE38'.

The correct syntax is:

sapgenpse tlsinfo [options] <TLS configuration>


There are a lot of options and the purpose of this post is not to explain all of them. For more information, run 'sapgenpse tlsinfo -h'.

What matters here is the <TLS configuration> field. This is where you put the value you intend to use for the 'ssl/ciphersuites' parameter, so the tool can show what it resolves to.

I'm running all examples on my own test system, which has the CommonCryptoLib 8.5.6 installed.

2.1 Cipher suites

First, let's check the default values enabled for a 742+ release. This can be done by running:

sapgenpse tlsinfo HIGH:MEDIUM:+e3DES


The expected result is all HIGH cipher suites with the highest preference, followed by the MEDIUM category, with the 3DES cipher suite selected by '+e3DES' at the end.
Notice that the 'TLS_RSA_WITH_3DES_EDE_CBC_SHA' cipher suite is in the HIGH category, but appears at the end. This is what the '+' operator stands for: scan the current result list and move the matching items to the end of it.

The result of the previous command is:
Running in server mode
Configured protocol versions:
TLSv1.0, TLSv1.1, TLSv1.2
Enabled cipher suites:
TLS_RSA_WITH_AES128_GCM_SHA256
TLS_RSA_WITH_AES256_GCM_SHA384
TLS_RSA_WITH_AES128_CBC_SHA
TLS_RSA_WITH_AES256_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_3DES_EDE_CBC_SHA
(!)Elliptic curves were disabled by cipher suite configuration
(!)As no ECC cipher suites were enabled, elliptic curves will not be used with this configuration
Other options:
TLS version fallback protection support OFF

This matches perfectly with the expected results. It can be checked in the table presented in SAP Note 510007 (pay attention to the 'NOTE:' below the table in Section 6).

2.2 Modifying the order

Changing the order of the categories in the <TLS configuration> changes the preference order of the enabled cipher suites. Let's see what happens when we move the MEDIUM category to the beginning.

Running 'sapgenpse tlsinfo MEDIUM:HIGH:+e3DES':
Enabled cipher suites:
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_AES128_GCM_SHA256
TLS_RSA_WITH_AES256_GCM_SHA384
TLS_RSA_WITH_AES128_CBC_SHA
TLS_RSA_WITH_AES256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA

As we can see, the cipher suites in the MEDIUM category have the highest preference now.

3.1 Protocols

A numeric value (the protocol version flags) can be placed at the beginning of the cipher suite string in the profile parameters to select the desired protocol versions.
Let's take a look at the result of 'sapgenpse tlsinfo 128:HIGH:MEDIUM:+e3DES':
Running in server mode
Configured protocol versions:
TLSv1.0
Enabled cipher suites:
TLS_RSA_WITH_AES128_CBC_SHA
TLS_RSA_WITH_AES256_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_3DES_EDE_CBC_SHA
(!)Elliptic curves were disabled by cipher suite configuration
(!)As no ECC cipher suites were enabled, elliptic curves will not be used with this configuration
Other options:
TLS version fallback protection support OFF

Here, the only protocol available is TLSv1.0, which corresponds to the '128' value. Also, notice that the two GCM cipher suites ('TLS_RSA_WITH_AES128_GCM_SHA256' and 'TLS_RSA_WITH_AES256_GCM_SHA384') listed in the 2.2 example are now gone.
This is correct, since both are only available with TLSv1.2, as described in the 'NOTE:' below the Section 6 table.

3.2 Enabling more protocols

Let's say you want to use only TLSv1.1 in your application server. The correct procedure would be to select the '256' value, right?

Well, no.

Testing 'sapgenpse tlsinfo 256:HIGH:MEDIUM:+e3DES':
Running in server mode
Configured protocol versions:
TLSv1.0, TLSv1.1
Enabled cipher suites:
TLS_RSA_WITH_AES128_CBC_SHA
TLS_RSA_WITH_AES256_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_3DES_EDE_CBC_SHA
(!)Elliptic curves were disabled by cipher suite configuration
(!)As no ECC cipher suites were enabled, elliptic curves will not be used with this configuration
Other options:
TLS version fallback protection support OFF

It may look incorrect, but this is the expected result. TLSv1.0 is enabled automatically unless we explicitly disable it. The correct way to do that is to add the '32' bit-flag value (strict protocol version mode) to the value already selected.

Now, running with 256+32 value:
sapgenpse tlsinfo 288:HIGH:MEDIUM:+e3DES

Running in server mode
Configured protocol versions:
TLSv1.1 (Strict Protocol Version Mode)
Enabled cipher suites:
TLS_RSA_WITH_AES128_CBC_SHA
TLS_RSA_WITH_AES256_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_3DES_EDE_CBC_SHA
(!)Elliptic curves were disabled by cipher suite configuration
(!)As no ECC cipher suites were enabled, elliptic curves will not be used with this configuration
Other options:
TLS version fallback protection support OFF

We can see that only TLSv1.1 is enabled.

3.3 Removing a Cipher Suite

To check all cipher suites in the HIGH category, the following command is used: 'sapgenpse tlsinfo HIGH'

Enabled cipher suites:
TLS_RSA_WITH_AES128_GCM_SHA256
TLS_RSA_WITH_AES256_GCM_SHA384
TLS_RSA_WITH_AES128_CBC_SHA
TLS_RSA_WITH_AES256_CBC_SHA
(!)Elliptic curves were disabled by cipher suite configuration
(!)As no ECC cipher suites were enabled, elliptic curves will not be used with this configuration

Now suppose that, for some reason, we want to remove the 'TLS_RSA_WITH_AES256_CBC_SHA' cipher suite from the list.
How can we do that? Each cipher suite matches a specific configuration string (key word). These can be listed by running 'sapgenpse tlsinfo -H':
Cipher suite configuration strings:
DEFAULT : Default cipher suites (HIGH:PFS:!aNULL:!eNULL) - must be first key word
ALL : All supported cipher suites
PFS : Perfect forward secrecy: key agreement with ephemeral keys
HIGH : High security cipher suites (except PFS)
MEDIUM : Medium security cipher suites
kRSA : Cipher suites which use RSA key and certificate for key exchange
kECDHE : Cipher suites which use ephemeral ECDH key for key agreement
aRSA : Cipher suites requiring RSA certificate for server authentication
aECDSA : Cipher suites requiring ECDSA certificate for server authentication
eDES : 64 bit DES data encryption cipher suites
e3DES : 192 bit 3DES data encryption cipher suites
eRC4 : RC4 data encryption cipher suites
eRC2 : RC2 data encryption cipher suites
eAES : AES data encryption cipher suites
eAES_CBC : AES in CBC mode data encryption cipher suites
eAES_GCM : AES in GCM mode data encryption cipher suites
eAES128 : AES 128 bit data encryption cipher suites
eAES256 : AES 256 bit data encryption cipher suites
eAES128_CBC : AES 128 bit in CBC mode data encryption cipher suites
eAES256_CBC : AES 256 bit in CBC mode data encryption cipher suites
eAES128_GCM : AES 128 bit in GCM mode data encryption cipher suites
eAES256_GCM : AES 256 bit in GCM mode data encryption cipher suites
mMD5 : MD5 data protection cipher suites
mSHA1 : SHA1 data protection cipher suites
mSHA2 : SHA2 (SHA256/SHA384) data protection cipher suites
mSHA384 : SHA384 data protection cipher suites
mAEAD : Cipher suites using authenticated encryption with associated data
eNULL : Cipher suites without data encryption. Use for test purposes only

Option control key words:
TLS_FALLBACK_SCSV : Enable server support for TLS version downgrade protection

Elliptic curve configuration strings:
EC_DEFAULT : Default elliptic curves (EC_HIGH:EC_MEDIUM)
EC_ALL : All supported elliptic curves
EC_HIGH : High security elliptic curves
EC_MEDIUM : Medium security elliptic curves
EC_LOW : Low security elliptic curves
EC_NIST : NIST standardized elliptic curves, recommended in Suite B
EC_OPT : Optimize performance of previously defined elliptic curves, only valid with the '+' operator (+EC_OPT)

Notice that 'TLS_RSA_WITH_AES256_CBC_SHA' corresponds to the 'eAES256_CBC' key word.
To remove this cipher suite, the '!' operator is used, like this:

sapgenpse tlsinfo HIGH:!eAES256_CBC

Enabled cipher suites:
TLS_RSA_WITH_AES128_GCM_SHA256
TLS_RSA_WITH_AES256_GCM_SHA384
TLS_RSA_WITH_AES128_CBC_SHA

So, this is how you can remove a cipher suite from the list 😄
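To make the rules from sections 2.1, 2.2, 3.1, 3.2 and 3.3 concrete, here is a small simulator of the configuration string grammar. It is an added example written for this post, not SAP or CommonCryptoLib code: it only knows the seven cipher suites and the key words that 'sapgenpse tlsinfo' printed above, it treats '+' as "move to the end, appending if not yet present" (an assumption chosen so that HIGH:MEDIUM:+e3DES ends with the 3DES suite, as on the page), it only models the implicit TLSv1.0 enablement shown in 3.2, and the flag value 512 = TLSv1.2 is an assumption taken from SAP Note 510007 rather than from this page.

```python
"""Simulator for the cipher-suite configuration strings evaluated by
'sapgenpse tlsinfo'. Added example for this post; not SAP/CommonCryptoLib code.
It models only the seven suites and the key words shown on the page."""
from __future__ import annotations

from typing import Callable

# Suites exactly as listed by 'sapgenpse tlsinfo' on the page (CommonCryptoLib 8.5.6).
HIGH = [
    "TLS_RSA_WITH_AES128_GCM_SHA256",
    "TLS_RSA_WITH_AES256_GCM_SHA384",
    "TLS_RSA_WITH_AES128_CBC_SHA",
    "TLS_RSA_WITH_AES256_CBC_SHA",
]
MEDIUM = [
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_WITH_RC4_128_MD5",
]
ALL = HIGH + MEDIUM + ["TLS_RSA_WITH_3DES_EDE_CBC_SHA"]

# Key words from 'sapgenpse tlsinfo -H', expressed as predicates on the suite name.
KEYWORDS: dict[str, Callable[[str], bool]] = {
    "ALL": lambda s: True,
    "HIGH": lambda s: s in HIGH,
    "MEDIUM": lambda s: s in MEDIUM,
    "kRSA": lambda s: s.startswith("TLS_RSA_"),
    "aRSA": lambda s: s.startswith("TLS_RSA_"),
    "e3DES": lambda s: "3DES" in s,
    "eRC4": lambda s: "RC4" in s,
    "eAES": lambda s: "AES" in s,
    "eAES_CBC": lambda s: "AES" in s and "CBC" in s,
    "eAES_GCM": lambda s: "GCM" in s,
    "eAES128": lambda s: "AES128" in s,
    "eAES256": lambda s: "AES256" in s,
    "eAES128_CBC": lambda s: "AES128_CBC" in s,
    "eAES256_CBC": lambda s: "AES256_CBC" in s,
    "eAES128_GCM": lambda s: "AES128_GCM" in s,
    "eAES256_GCM": lambda s: "AES256_GCM" in s,
    "mMD5": lambda s: s.endswith("MD5"),
    "mSHA1": lambda s: s.endswith("_SHA"),
    "mSHA2": lambda s: s.endswith(("SHA256", "SHA384")),
    "mSHA384": lambda s: s.endswith("SHA384"),
    "mAEAD": lambda s: "GCM" in s,
}

# Protocol version flags. 128 (TLSv1.0), 256 (TLSv1.1) and the strict-mode bit 32
# appear on the page; 512 = TLSv1.2 is an assumption taken from SAP Note 510007.
VERSION_FLAGS = {128: "TLSv1.0", 256: "TLSv1.1", 512: "TLSv1.2"}
STRICT_FLAG = 32
DEFAULT_VERSIONS = ["TLSv1.0", "TLSv1.1", "TLSv1.2"]


def protocol_versions(flags: int | None) -> tuple[list[str], bool]:
    """Return (enabled versions, strict mode) for the numeric prefix, or the
    page's default of all three versions when no prefix is given."""
    if flags is None:
        return list(DEFAULT_VERSIONS), False
    strict = bool(flags & STRICT_FLAG)
    versions = [name for bit, name in VERSION_FLAGS.items() if flags & bit]
    # Behaviour shown in section 3.2: TLSv1.0 is enabled automatically unless
    # the strict bit (32) is set. Other implicit versions are not modelled.
    if not strict and "TLSv1.0" not in versions:
        versions.insert(0, "TLSv1.0")
    return versions, strict


def resolve(config: str) -> tuple[list[str], bool, list[str]]:
    """Evaluate '<flags>:KEY:+KEY:!KEY...' and return (versions, strict, suites)."""
    tokens = [t for t in config.split(":") if t]
    flags = int(tokens.pop(0)) if tokens and tokens[0].isdigit() else None
    versions, strict = protocol_versions(flags)
    result: list[str] = []
    for token in tokens:
        op, key = (token[0], token[1:]) if token[0] in "+!" else ("", token)
        if key not in KEYWORDS:
            raise ValueError(f"unknown key word: {key!r}")
        matches = [s for s in ALL if KEYWORDS[key](s)]
        if op == "!":
            # '!' removes every matching suite from the current result.
            result = [s for s in result if s not in matches]
        elif op == "+":
            # '+' moves matching suites to the end of the current result. Assumption:
            # suites not yet present are appended as well, which is what makes
            # HIGH:MEDIUM:+e3DES end with the 3DES suite on the page.
            result = [s for s in result if s not in matches] + matches
        else:
            # Plain key word: append matching suites that are not already listed.
            result += [s for s in matches if s not in result]
    # The GCM (SHA-2/AEAD) suites only exist in TLSv1.2, so they vanish when it is off.
    if "TLSv1.2" not in versions:
        result = [s for s in result if "GCM" not in s]
    return versions, strict, result


def report(config: str) -> str:
    """Render the result in the layout 'sapgenpse tlsinfo' prints on the page."""
    versions, strict, suites = resolve(config)
    header = ", ".join(versions) + (" (Strict Protocol Version Mode)" if strict else "")
    return "\n".join(["Running in server mode", "Configured protocol versions:",
                      header, "Enabled cipher suites:", *suites])


if __name__ == "__main__":
    for cfg in ("HIGH:MEDIUM:+e3DES", "MEDIUM:HIGH:+e3DES", "128:HIGH:MEDIUM:+e3DES",
                "256:HIGH:MEDIUM:+e3DES", "288:HIGH:MEDIUM:+e3DES", "HIGH:!eAES256_CBC"):
        print(f"$ sapgenpse tlsinfo {cfg}\n{report(cfg)}\n")
```

Running the script reproduces the six listings from this post in order. The simulator is deliberately simple: '!' here only removes suites from the list built so far (a later key word could add them back), and it knows nothing about PFS, ECC suites or elliptic curve strings, so for anything beyond the strings on this page the real 'sapgenpse tlsinfo' output remains the authority.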

4. Conclusion

This tool is very helpful for understanding and confirming all the possibilities when selecting the 'ssl/ciphersuites' parameter values. I hope this clarifies some points related to these parameters and helps everyone who needs to configure SSL in the ABAP Application Server.

For now, this is it. Stay tuned for more posts.

5. Additional information

510007 : Setting up SSL on Application Server ABAP

2384290 : SapSSL update to facilitate TLSv1.2-only configurations, TLSext SNI for 721+722 clients

RFC 5246 : The Transport Layer Security (TLS) Protocol Version 1.2