on 09-06-2018 1:58 PM
Hi gurus,
ECDHE cipher suite is not supported by PI. The target Url have more cipher suites in the supported list. Can anyone asist me?
My XPI_Inspector give me handshake error.
below are overlapped cipher suites between PI and the Target URL;
https://staging-enrichedapi.cygnetgsp.in/v0.1/authenticate/token
Hello Ridvan,
I am getting same error . can you please provide the solution? if you have solved same.
Regards,
Jatin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jatin Sharma,
If you are facing a issue, may be its time that you also create a new question with your details & we can try to help you out, in case you are not able to find answers after searching in Google
Thanks,
Kaushik
TLS_RSA_WITH_AES_128_GCM_SHA256 support only starts with Java 8. PI 7.5 still runs on Java 7. There is no way that I know of that you'd be able to connect to your server.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ridvan,
try adding custom Cipher suits with the help of note 2616983 - How to customize cipher suites in SSLContext.properties file.
if this will not help then keep only Defualt Cipher Suits in the properties file.
Regards,
Khaja.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Nevertheless, I get handshake errors. Is it possible to configure PI which cipher suite he should take?
@Konrad
I read this note but we have no possibility to use web-dispatcher etc. Normally target URL have different cipher versions like RSA, but cannot handle it.
https://www.ssllabs.com/ssltest/analyze.html?d=staging%2denrichedapi.cygnetgsp.in⪭st
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ridvan,
We have seen similar issue when one of target system has upgraded their TLS to 1.2. Since SAP is currently not supporting ECDHE we had to live with AES128 and requested the target to add below CIPHER Suit which resolved the issue (though it is WEAK).
TLS_RSA_WITH_AES_128_GCM_SHA256
Regards,
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Ridvan,
kindly check SAP Note 2538934 - "ECDHE cipher suites handshake failure". There is only a workaround solution via an apache or sapwebdispatcher.
Kind regards
Konrad
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.