Skip to Content
Product Information
Author's profile photo Juergen Adolf

SAP BTP Transport Layer Security (TLS) Connectivity Support

Many customers have questions regarding the encryption of data in transit. SAP BTP uses encrypted communication channels based on HTTPS/TLS.

What is TLS?

TLS stands for “Transport Layer Security.” It is a protocol that provides privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today, and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS ensures that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification.The protocol is described by the Internet Engineering Task Force (IETF)  in  Requests for Comments (RFCs). It evolves over time to support higher standards. More information can be found under  https://en.wikipedia.org/wiki/Transport_Layer_Security

SAP BTPs` servers support with beginning of December 2020 only the  TLS 1.2 version of the TLS protocol.

We announce support of the upcomming TLS 1.3 version using the SAP BTP release notes.

In case of problems and for more in-depth information please read:

SAP Note 2923117 – SAP Cloud Platform NEO – TLS 1.2 Migration – How to address problems with old TLS protocol versions in clients accessing SAP Cloud Platform NEO of SCP

 

 

Assigned tags

      8 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Wolfgang Röckelein
      Wolfgang Röckelein

      Hi Juergen Adolf ,

      thanks for the helpful overview.

      However what is with TLS 1.3 and HTTP/2?

      We have 2019!

      Regards,

      Wolfgang

      Author's profile photo Juergen Adolf
      Juergen Adolf
      Blog Post Author

      Hello Wolfgang,

      it is on the roadmap and we will support it in the near future.

      Author's profile photo Jens Schwendemann
      Jens Schwendemann

      This statement is getting 2 years old soon, happy B-Day ;-P

      *SCNR*

      Author's profile photo Kai-Fabius Pribyl
      Kai-Fabius Pribyl

      Hello Juergen,

       

      can you please tell me the timeline for disabling TLS 1.0 and 1.1 ?

      We run a host via API Management Service on eu1 (neo) that is only supporting TLS 1.2 at the moment. I fear that the support of older versions has just ended, as we are experiencing some troubles that may be TLS related.

       

      Regards

      Kai

       

       

      Author's profile photo Juergen Adolf
      Juergen Adolf
      Blog Post Author

      Hello,

      I did update the blogpost . For compatibility reasons the old neo envrionments will not disable TLS 1.0 and TLS 1.1. The workaround is to use custom domains.

      If you want to activate the use of TLS 1.2 only in your Neo Region, you may use custom domains to do so. See SAP Note 2586984 – Restrict SAP Cloud Platform to use TLS1.2 only and SAP Note 2732964 – How to control TLS version in SAP Cloud Platform Neo Environment .

      Author's profile photo Simone Cattozzi
      Simone Cattozzi

      Could you please tell us the timeline for disabling TLS 1.0 and 1.1 ?

       

      Thanks

      Author's profile photo Juergen Adolf
      Juergen Adolf
      Blog Post Author

      Hello,

      I did update the blogpost . For compatibility reasons the old neo envrionments will not disable TLS 1.0 and TLS 1.1. The workaround is to use custom domains.

      If you want to activate the use of TLS 1.2 only in your Neo Region, you may use custom domains to do so. See SAP Note 2586984 – Restrict SAP Cloud Platform to use TLS1.2 only and SAP Note 2732964 – How to control TLS version in SAP Cloud Platform Neo Environment .

      Author's profile photo Franz R.
      Franz R.

      Hello Juergen Adolf

       

      You mentioned a roadmap for SCC regarding TLS 1.3. I can't find it at https://www.sap.com/germany/products/roadmaps/finder-all.html?sort=title_asc&search=connector

      Can you please refer to that roadmap? Can you please say whether TLS 1.3 is supported meanwhile or when it will be supported?

       

      Thanks and Regards,

      Franz