Skip to Content
Technical Articles
Author's profile photo PhaniKumar Akella

Consume SNI based APIs via SAP PO 7.5

We have been trying to integrate SAP ECC with one of the third parties REST API via SAP PO 7.5 (dual usage type). It’s Proxy to REST (Synch) scenario. API endpoint and Security key updated in the receiver SAP PO REST Communication channel. All the certificates (chain) deployed in SAP PO NWA Key Storage.

Integration flow:

While testing, we have encountered SSL based issues –  “SSLException while handshaking: Peer sent alert: Alert Fatal: unrecognized name”.



We have used XPI Inspector to analyse the SSL errors and identified below issues:

Using Transport Protocol: HTTPS
Handshake Timeout: 0
Keep alive: false
TCP No Delay: false
Exception Occured: Peer sent alert: Alert Fatal: unrecognized name

Begin IAIK Debug:
ssl_debug(49386): Starting handshake (iSaSiLk 5.2)…
ssl_debug(49386): Sending v3 client_hello message to, requesting version 3.3…
ssl_debug(49386): Sending extensions: renegotiation_info (65281), signature_algorithms (13)
ssl_debug(49386): Received alert message: Alert Fatal: unrecognized name
ssl_debug(49386): SSLException while handshaking: Peer sent alert: Alert Fatal: unrecognized name
ssl_debug(49386): Shutting down SSL layer…
ssl_debug(49386): Closing transport…

End IAIK Debug.


We have used Qualy’s SSL Labs free online service ( to performs a deep analysis of the configuration of SSL web server on the public Internet. As per the report, we have identified API requires SNI (Server Name Indication) support from any HTTP clients connecting to it.


By default, SNI extension is disabled in SAP PO. Connectivity issue between SAP PO and SNI based third party API got resolved post applying below OSS notes recommended by SAP:

2492386 – SSLException: Peer sent alert: Alert Fatal: unrecognized name

2604240 – TLS handshake failure due to missing SNI extension

2569156 – How to create, modify and validate file


Learn more about SNI:


Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.