When establishing trust between SAP BW and BI Platform, we faced TLS protocol error during test connection step in the configuration of BW Events.
What we found in a detailed study is for SSL communication, SAP BI Platform uses TLS version 1.2/1.1, the same needs to be enabled in SAP BW system as well. Else due to cipher suite mismatch the connection might fail.
In this article will go through the process of enabling TLS v1.2 in SAP Netweaver ABAP system.
“received a fatal TLS 1.0 protocol version alert message from the peer”
If you see message complaining about TLS version, then proceed to next section
3. Add these two parameters
ssl/ciphersuites = 135:PFS:HIGH::EC_P256:EC_HIGH
ssl/client_ciphersuites = 150:PFS:HIGH::EC_P256:EC_HIGH
4. Click Save
5. Restart Server
6. Go back SMICM and see trace file again. If you see two parameters, then they are configured properly
Test SSL Connection again and it should be Ok now.
https://blogs.sap.com/2018/02/28/saml-integration-between-microsoft-azure-portal-and-sap-analytics-c...
https://blogs.sap.com/2017/12/19/sap-analytics-cloud-saml-sso-using-adfs-active-directory-federation...
https://blogs.sap.com/2018/02/22/adfs-with-sap-business-intelligence-platform/
https://blogs.sap.com/2018/03/01/saml-integration-between-microsoft-azure-portal-and-sap-business-in...
What we found in a detailed study is for SSL communication, SAP BI Platform uses TLS version 1.2/1.1, the same needs to be enabled in SAP BW system as well. Else due to cipher suite mismatch the connection might fail.
In this article will go through the process of enabling TLS v1.2 in SAP Netweaver ABAP system.
Test SSL Connection
- After creating http Destination in ABAP to BI Platform, Click Connection Test
- If you see Success, it works, then you’re good.
- If you see error something like below, please see the next section
“received a fatal TLS 1.0 protocol version alert message from the peer”
Check Trace File
- Go to transaction SMICM
- Go to menu, Go to --> Trace File --> Display End
If you see message complaining about TLS version, then proceed to next section
Enable TLS v1.2
- Go to transaction RZ10
- Open DEFAULT profile, select Extended Maintenance and click Change
3. Add these two parameters
ssl/ciphersuites = 135:PFS:HIGH::EC_P256:EC_HIGH
ssl/client_ciphersuites = 150:PFS:HIGH::EC_P256:EC_HIGH
4. Click Save
5. Restart Server
6. Go back SMICM and see trace file again. If you see two parameters, then they are configured properly
Test SSL Connection again and it should be Ok now.
Learn More:
https://blogs.sap.com/2018/02/28/saml-integration-between-microsoft-azure-portal-and-sap-analytics-c...
https://blogs.sap.com/2017/12/19/sap-analytics-cloud-saml-sso-using-adfs-active-directory-federation...
https://blogs.sap.com/2018/02/22/adfs-with-sap-business-intelligence-platform/
https://blogs.sap.com/2018/03/01/saml-integration-between-microsoft-azure-portal-and-sap-business-in...
- SAP Managed Tags:
3 Comments
