SAP PO TLS and ciphers: an overview
Setting the right TLS and cipher parameters for SAP PO can be difficult, as the available information is spread across a variety of SAP notes. More and more systems are switching to a mandatory TLS 1.2 policy and requiring the stronger ECDHE and ECDSA ciphers. Choosing the right parameters is hard for consultants, as different customers set different security requirements, and developers at end clients may not easily find the relevant information either, since it is spread across the various SAP notes. This post therefore gives an overview of TLS versions, ciphers, and the available parameters.
The following topics matter when setting the right TLS version and cipher parameters:
- TLS version
- Ciphers used
- Testing allowed TLS versions and ciphers
- Testing SAP PO TLS version and cipher compatibility
- Enabling TLS version
- Ciphers supported by default
- Enabling additional cipher types using SSLContext.properties file
- Enabling DHE ciphers
- Enabling ECDHE and ECDSA ciphers
- Example SSLContext.properties file
Most systems use TLS 1.2, although some still support TLS 1.0 and 1.1. When a test tool displays an SSL version instead of a TLS version, the SSL version numbers map onto TLS versions: SSL 3.1 is TLS 1.0, SSL 3.2 is TLS 1.1 and SSL 3.3 is TLS 1.2.
SAP PO supports three types of ciphers:
- Default available
- DHE ciphers
- Elliptic curves
Default available ciphers are the TLS RSA and SSL RSA ciphers, which can be identified by a cipher name starting with TLS_RSA or SSL_RSA (for example TLS_RSA_WITH_AES_128_GCM_SHA256). DHE ciphers can be recognized by a cipher name starting with TLS_DHE (for example TLS_DHE_RSA_WITH_AES_128_GCM_SHA256). Elliptic curve ciphers can be identified by a cipher name starting with either TLS_ECDHE or TLS_ECDSA (e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256).
By default, SAP PO supports all ciphers with a 128-bit key length; these can be identified by 128 in the cipher name (for example TLS_RSA_WITH_AES_128_CBC_SHA). All 256-bit ciphers use a longer key and can only be used if the unlimited strength policy is enabled.
Testing allowed TLS versions and ciphers
The TLS versions and ciphers allowed for a connection can be tested using the SSL test service by SSL Labs.
Testing SAP PO TLS version and cipher compatibility
TLS version and cipher compatibility in SAP PO can be tested using XPI Inspector (example 11).
Enabling TLS version
From SAP PO 7.5 SP05 onwards, all TLS versions up to TLS 1.2 are supported. In other versions of SAP PI/PO, TLS 1.0 and 1.1 are supported by default, and TLS 1.2 can be enabled by patching or an SP update.
Minimum SP level for TLS 1.2 (with patching):
- SAP PI 7.10 SP18
- SAP PI 7.11 SP12
- SAP PI 7.30 SP13
- SAP PI 7.31 SP08
- SAP PI/PO 7.4 SP03
- SAP PO 7.5 SP00
Ciphers supported by default
By default, SAP PO supports all 128-bit TLS RSA and SSL RSA ciphers. 256-bit ciphers are enabled by default from JVM version 6.1.107, 7.1.055 or 8.1.036 (or higher) of SAP PO, and can be enabled on lower JVM versions by downloading and installing the unlimited strength policy files.
Enabling additional cipher types using SSLContext.properties file
Any additional ciphers available in the SAP PO version can be enabled by adding them to the SSLContext.properties file. When modifying the SSLContext.properties file, at least the parameters client.allowLegacyRenegotiation=true (allow renegotiation of ciphers), extension=signature_algorithms and extension=server_name.noncritical (send the signature algorithms and server name when initiating the connection) should be present.
Preferred ciphers can be set by modifying the SSLContext.properties file and adding a cipherSuite=<name of cipher> line for each cipher.
When the SSLContext.properties file is modified with preferred ciphers, all other ciphers are no longer enabled. If the default ciphers should remain enabled, they have to be added as preferred ciphers to the modified SSLContext.properties file as well.
Enabling DHE ciphers
DHE ciphers are supported by default if TLS 1.2 is available in SAP PO. However, they have to be added manually to the SSLContext.properties file to be available.
Enabling ECDHE and ECDSA ciphers
ECDHE and ECDSA ciphers are supported in SAP PO 7.5 SP08 (with patching) or higher. Lower versions of SAP PI/PO do not support ECDHE and ECDSA ciphers.
To enable them, a modified SSLContext.properties file is required with the parameter extension=elliptic_curves added.
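The rules from the SSLContext.properties and ECDHE/ECDSA sections above can be checked mechanically before a file is deployed. The following linter is an added example, not SAP's code or the post's; it assumes the one key=value per line layout the post describes (with cipherSuite= repeated per suite) and that blank and '#' lines can be ignored, and runs on a constructed sample file.

```python
"""Lint an SAP PO SSLContext.properties file against the rules in the post.
Added example, not SAP's or the post's code; the key=value layout and the
handling of blank and '#' lines are assumptions."""
# Parameters the post says must be present in any modified file.
REQUIRED = {
    "client.allowLegacyRenegotiation=true",
    "extension=signature_algorithms",
    "extension=server_name.noncritical",
}
def cipher_family(name):
    # Classify a suite by its name prefix, as the post does.
    if name.startswith(("TLS_ECDHE", "TLS_ECDSA")):
        return "elliptic-curve"
    if name.startswith("TLS_DHE"):
        return "DHE"
    if name.startswith(("TLS_RSA", "SSL_RSA")):
        return "default"
    return "unknown"
def parse(text):
    # Return (set of non-cipher settings, list of cipherSuite values).
    settings, ciphers = set(), []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        if key == "cipherSuite":
            ciphers.append(value)
        else:
            settings.add(line)
    return settings, ciphers
def lint(text):
    # Return findings; an empty list means the file follows the post's rules.
    settings, ciphers = parse(text)
    findings = [f"missing {p}" for p in sorted(REQUIRED - settings)]
    families = {cipher_family(c) for c in ciphers}
    if "elliptic-curve" in families and "extension=elliptic_curves" not in settings:
        findings.append("ECDHE/ECDSA suites listed but extension=elliptic_curves missing")
    if ciphers and "default" not in families:
        findings.append("cipherSuite list replaces defaults; no TLS_RSA/SSL_RSA suite kept")
    for c in ciphers:
        if cipher_family(c) == "unknown":
            findings.append(f"unrecognised suite prefix: {c}")
        if "_256_" in c:  # 256-bit key: needs newer JVM or unlimited strength policy
            findings.append(f"{c} is 256-bit: check JVM version / policy files")
    return findings
# Constructed sample: ECDHE suite added but extension=elliptic_curves forgotten.
SAMPLE = ("client.allowLegacyRenegotiation=true\nextension=signature_algorithms\n"
          "extension=server_name.noncritical\ncipherSuite=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\n"
          "cipherSuite=TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\n")
```

Running lint(SAMPLE) reports the missing elliptic_curves extension, that no default TLS_RSA/SSL_RSA suite was kept, and that the DHE suite is 256-bit.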
Example SSLContext.properties file
An example SSLContext.properties file enabling all ciphers available for SAP PO, except ECDSA, can be found in note 2708581 (example 3). Availability of non-default (DHE, ECDHE etc.) and 256-bit ciphers still depends on the SAP PO version and the parameters set.
Hopefully this blog has been useful in explaining the different TLS versions and cipher types, how to test them, and the parameters for TLS versions and ciphers in SAP PO.
Overview of SAP notes used:
- 2284059: default ciphers, DHE ciphers, TLS 1.2 upgrade
- 1240081: unlimited strength policy files
- 0002246884: finding JVM version
- 2708581: ECDHE and ECDSA ciphers, examples of modified SSLContext.properties file
- 2569156: modify SSLContext.properties file
- 1514898: XPI Inspector
Thank you Martijn, this really helped me solve my problem. I have been struggling for hours to understand what that "iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake failure" message means.