Skip to Content
Technical Articles
Author's profile photo Mohammed Ashraf

How to Enable TLS v1.2 in SAP Netweaver ABAP

When establishing trust between SAP BW and BI Platform, we faced TLS protocol error during test connection step in the configuration of BW Events.

What we found in a detailed study is for SSL communication, SAP BI Platform uses TLS version 1.2/1.1, the same needs to be enabled in SAP BW system as well. Else due to cipher suite mismatch the connection might fail.

In this article will go through the process of enabling TLS v1.2 in SAP Netweaver ABAP system.

Test SSL Connection

  1. After creating http Destination in ABAP to BI Platform, Click Connection Test
  2. If you see Success, it works, then you’re good.
  3. If you see error something like below, please see the next section

“received a fatal TLS 1.0 protocol version alert message from the peer”

Check Trace File

  1. Go to transaction SMICM
  2. Go to menu, Go to –> Trace File –> Display End

If you see message complaining about TLS version, then proceed to next section

Enable TLS v1.2

  1. Go to transaction RZ10
  2. Open DEFAULT profile, select Extended Maintenance and click Change

3. Add these two parameters

ssl/ciphersuites = 135:PFS:HIGH::EC_P256:EC_HIGH

ssl/client_ciphersuites = 150:PFS:HIGH::EC_P256:EC_HIGH

4. Click Save

5. Restart Server

6. Go back SMICM and see trace file again. If you see two parameters, then they are configured           properly

Test SSL Connection again and it should be Ok now.


Learn More:

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Pankaj Sharma
      Pankaj Sharma

      Hello Mohammed,

      We had followed the recommendation and have set the 2 ciphersuites parameter for successful outbound communication from ERP to Concur via PI.

      Today we discovered via below that :

      Planned Changes: Some TLSv1.2 Ciphers No Longer Supported (Jun 22)

      Can you explain how to rectify this issue as we get handshake error now.

      What SAPCRYPTO version we need to update to and what value should we set in cipersuites parameters ?




      Author's profile photo SUDHEER TS

      I was struggling to solve this problem.  We used to transmit some SAP BW reports thru office 365 mail to some users and it suddenly started taking too much time since last few days.

      I could solve this problem adding these 2 parameters.

      Thanks & regards.


      Author's profile photo Filipe Luna
      Filipe Luna

      It would also be wise to have a look at OSS note 510007.  This covers all of the aspects of parameters, CommonCryptoLib versions, etc.