Skip to Content
Technical Articles

Managing TLS Protocols with an SAP Cloud Platform Custom Domain


Using an SAP Cloud Platform custom domain allows you to¬†configure and expose your application under your own domain on SAP Cloud Platform, and protect the identity of your application. Instead of using the default subdomain, it lets you name your application in a way that’s easily recognizable by your customers.

In addition, it also gives you the opportunity to manage the version of the TLS protocol on SAP Cloud Platform. For example, you may need to disable an older TLS version such as TLS 1.0, and enable a newer one such as TLS 1.2.


You have configured an SAP Cloud Platform custom domain and you have mapped it to your application. For more information, see Using Custom Domains.

Enabling a TLS Protocol

You may want to enable a TLS protocol version without disabling any previously running TLS protocols. For example, if you want to enable TLS 1.2 without disabling TLS 1.1, run the following command:

neo set-ssl-host -a mysubaccount -u -h -n mysslhostname -c mycert -t "TLSV1_2,TLSV1_1"

For more information, see set-ssl-host.

Disabling a TLS Protocol

Respectively, you may prefer to disable a TLS protocol version for security reasons, because the current TLS protocol version is no longer supported. For example, if you decide to disable TLS 1.0 and enable TLS 1.2 instead, run the following command:

neo set-ssl-host -a mysubaccount -u -h -n mysslhostname -c mycert -t "TLSV1_2"

If you have any questions, don’t hesitate to ask.

Related Information

You must be Logged on to comment or reply to a post.
    • Hi Sreehari,

      If you run the set-ssl-host command without using any optional parameters, you will get the current TLS version. For example:

      neo set-ssl-host -a mysubaccount -u -h -n mysslhostname

      Best regards,