Skip to Content
author's profile photo Former Member
Former Member

How to determine which cipher suite is used in PI system

HI Team,

Due to recent change occurring from SSL to TLS in HMRC as per note 510007, there is a requirement to perform the changes for TLS Configuration in PI system.

This has been mentioned by SAP as :

As per note 510007, CommonCryptolib 8 (8.4.32) to be minimum in kernel directory.

2 parameters to be set - ssl/ciphersuites & ssl/client_ciphersuites with values mentioned in the SAP note.

I suggest to go with option 3 :

ssl/ciphersuites=135:HIGH:MEDIUM

ssl/client_ciphersuites=208:HIGH:MEDIUM

However, SAP also mentioned about the PFS cipher suites.

If PFS is being used on x_86_64 platforms, we need to use Commoncryptolib 8.4.48 or newer.

And also to enable PFS, the new cipher suite keyword "PFS" is to be added.

Iam unable to understand how do we determine if PFS is being used or no because then TLS need to be done

as per PFS cipher suite.

I tried to run sapgenpse tlsinfo command in cmd prompt but could not get any information.

Currently our PI system 740 is having below values

ssl/ciphersuites=HIGH:MEDIUM:+e3DES:!aNULL (default in RZ11)

ssl/client_ciphersuites=HIGH:MEDIUM:+e3DES:!aNULL (default in RZ11)

Kernel = 742(300)

Common cryptolib = 8.4.43

Request you to please suggest if there is a method to determine which cipher suite is being in our system as we can do the changes in Test and PRD systems of PI but can see the actual impact only in PRD system as test system is not connected to HMRC.

Thanks

Imaan

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • Posted on Aug 18, 2016 at 02:24 PM

    From the OS command-line, run sapgenpse tlsinfo +

    This will display your currently enabled TLS settings.


    Regards,

    Jude

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.