cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HTTP Communication Error through SAP GUI

former_member763290
Explorer

on ‎08-17-2021 5:35 PM

0 Kudos

Hello Experts, We have a standard report in SAP to test the communication with any URL. The same is explained below Test Method:

1. Run the report RSHTML01 in SE38 tcode from ISQ.

2. Enter the below link, Proxy and port as shown below: https://utility.xxxx.com We are getting the below Error.

3. We traced the log with SMICM Code :

sysno 01 sid ISQ systemid 390 (AMD/Intel x86_64 with Linux) relno 7530 patchlevel 0 patchno 700 intno 20170305 make multithreaded, Unicode, 64 bit, optimized profile /usr/sap/ISQ/SYS/profile/ISQ_D01_DCVLSAPQAIS01 pid 80115 [Thr 140020575348480] Tue Aug 17 00:44:12:513 2021 [Thr 140020575348480] Trace file initialized [Thr 140020575348480] TRACE FILE TRUNCATED [Thr 140020573234944] *** ERROR => Peer is no SSL/TLS Server ["....." 15 00 00 00 02] [ssslsecu.c 6038] [Thr 140020573234944] Target Hostname="utility.arcgis.com" [Thr 140020573234944] SSL NI-hdl 143: local=172.27.27.10:40918 peer=172.27.11.133:3000 [Thr 140020573234944] <<- ERROR: SapSSLSessionStartNB(sssl_hdl=7f58ec022280)==SSSLERR_NO_SSL_RESPONSE [Thr 140020573234944] *** ERROR => SSL handshake with utility.arcgis.com:443 failed: SSSLERR_NO_SSL_RESPONSE (-75) [Thr 140020573234944] Server did not respond with SSL/TLS protocol to our ClientHello handshake proposal [Thr 140020573234944] [Thr 140020573234944] SapSSLSessionStartNB()==SSSLERR_NO_SSL_RESPONSE [Thr 140020573234944] [Thr 140020573234944] {00070bc4} {root-id=00505681A2E21EDBBFDA9DDBB6EC3674} [icxxconn.c 2537] [Thr 140020573234944] BATCH T33_U23464_M0, 200, VIJAY, , time=00:44:07, W45, program=/MRSS/OPTIMIZER, low priori [Thr 140020573234944] role: Client, protocol: HTTPS, local: 172.27.27.10:40918, peer: 172.27.11.133:3000 [Thr 140020574820096] Tue Aug 17 00:44:12:617 2021

So Could you please suggest a way out?

Regards,

Akshay Sonayallu

Show replies
Show replies
Sandra_Rossi
Active Contributor
‎08-17-2021 8:28 PM

If you search this, you will get many answers:

ERROR => SSL handshake site:sap.com

(i.e. install the missing or expired certificates via STRUST)

former_member763290
Explorer
‎08-18-2021 9:50 AM
0 Kudos

Hello Robert,

We have updated the icm/HTTPS/client_sni_enabled = TRUE but when we are trying to set the ssl/client_sni_enabled = TRUE we are getting the error as 'Parameter name is not known'

Please find the attachment for reference.

Thanks & Regards,

Akshay Sonayallu

Former Member
‎08-18-2021 9:55 AM
0 Kudos

sonayalluakshay1

just answer Yes and proceed.

Then don't forget to restart the server or at least the ICM.

Not sure if restarting just the ICM is enough.

former_member763290
Explorer
‎08-24-2021 12:27 PM
0 Kudos

Hello Expert,

Sorry for the delay in response,

We are still facing the same error, after maintaining the parameters and restarting the ICM.

Is there a workaround for the same.

Regards,

Akshay Sonayallu

Former Member
‎08-24-2021 12:40 PM

Hi sonayalluakshay1,

I guess you have the other two params mentioned in

Point 7. Recommended Configuration of Available TLS Protocol Versions (required for enabling TLSv1.2)

ssl/ciphersuites         =  135:PFS:HIGH::EC_P256:EC_HIGH
ssl/client_ciphersuites  =  150:PFS:HIGH::EC_P256:EC_HIGH

and you have the required CCL

requiring at least CommonCryptoLib 8.4.38, recommending at least 8.5.4

The problem is utility.arcgis.com supports only TLS 1.2 and TLS 1.3. SAP does not support 1.3 for now but 1.2 should be fine.

Check snote 510007 thoroughly.

former_member763290
Explorer
‎09-20-2021 8:49 AM
0 Kudos

Hello Expert,

Sorry the delay in response.

We really thankful for the solution provided by you, which helped us to fix the issue.

Thank you for your Agile response.

Regards,

Akshay Sonayallu

former_member763290
Explorer
‎09-22-2021 9:20 AM
0 Kudos

Hello Experts,

Our Issue was resolved but somehow suddenly we are attached error message,

I would be very much thankful if you suggest some more changes.

error-message.txt

Regards,

Akshay Sonayallu

+91 9527786524

isaias_freitas
Advisor
Advisor
‎09-22-2021 12:25 PM
0 Kudos

Hello sonayalluakshay1 ,

The error is "Peer not trusted".

You must import the certificate below into the "SSL client standard" store, in transaction STRUST.

OU = Starfield Class 2 Certification Authority O = Starfield Technologies, Inc. C = US

Regards,

Isaías

Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member747860
Explorer
‎08-18-2021 9:44 AM
0 Kudos

Uploaded to

System, SSL Server Standard, SSL-Client Anonym, SSL Client Standard

Show replies
Show replies
Sriram2009
Active Contributor
‎08-17-2021 6:19 PM
0 Kudos

Hi Akshay

1. Check this thread with the same issue

https://answers.sap.com/questions/12690587/ssl-handshake-with-443-failed-ssslerrpeercertuntru.html

2. Refer to this SAP note 2333326 to enable trace level 3 to find the detailed error log

Regards

SS

Show replies
Show replies
Ask a Question