How to Enable TLS v1.2 in SAP Netweaver ABAP

When establishing trust between SAP BW and BI Platform, we faced TLS protocol error during test connection step in the configuration of BW Events.

What we found in a detailed study is for SSL communication, SAP BI Platform uses TLS version 1.2/1.1, the same needs to be enabled in SAP BW system as well. Else due to cipher suite mismatch the connection might fail.

In this article will go through the process of enabling TLS v1.2 in SAP Netweaver ABAP system.

Test SSL Connection

1. After creating http Destination in ABAP to BI Platform, Click Connection Test
2. If you see Success, it works, then you’re good.
3. If you see error something like below, please see the next section

“received a fatal TLS 1.0 protocol version alert message from the peer”

Check Trace File

1. Go to transaction SMICM
2. Go to menu, Go to –> Trace File –> Display End

If you see message complaining about TLS version, then proceed to next section

Enable TLS v1.2

1. Go to transaction RZ10
2. Open DEFAULT profile, select Extended Maintenance and click Change

3. Add these two parameters

ssl/ciphersuites = 135:PFS:HIGH::EC_P256:EC_HIGH

ssl/client_ciphersuites = 150:PFS:HIGH::EC_P256:EC_HIGH

4. Click Save

5. Restart Server

6. Go back SMICM and see trace file again. If you see two parameters, then they are configured           properly

Test SSL Connection again and it should be Ok now.

Learn More:

https://blogs.sap.com/2018/02/28/saml-integration-between-microsoft-azure-portal-and-sap-analytics-cloud/

https://blogs.sap.com/2017/12/19/sap-analytics-cloud-saml-sso-using-adfs-active-directory-federation-services-as-an-identity-provider/

https://blogs.sap.com/2018/02/22/adfs-with-sap-business-intelligence-platform/

https://blogs.sap.com/2018/03/01/saml-integration-between-microsoft-azure-portal-and-sap-business-intelligence-platform/