Hello Ridvan,

I am getting same error . can you please provide the solution? if you have solved same.

Regards,

Jatin

TLS_RSA_WITH_AES_128_GCM_SHA256 support only starts with Java 8. PI 7.5 still runs on Java 7. There is no way that I know of that you'd be able to connect to your server.

Hi Ridvan,

try adding custom Cipher suits with the help of note 2616983 - How to customize cipher suites in SSLContext.properties file.

if this will not help then keep only Defualt Cipher Suits in the properties file.

Regards,

Khaja.

@Satyanarayana

Nevertheless, I get handshake errors. Is it possible to configure PI which cipher suite he should take?

@Konrad

I read this note but we have no possibility to use web-dispatcher etc. Normally target URL have different cipher versions like RSA, but cannot handle it.

https://www.ssllabs.com/ssltest/analyze.html?d=staging%2denrichedapi.cygnetgsp.in⪭st

Hi Ridvan,

We have seen similar issue when one of target system has upgraded their TLS to 1.2. Since SAP is currently not supporting ECDHE we had to live with AES128 and requested the target to add below CIPHER Suit which resolved the issue (though it is WEAK).

TLS_RSA_WITH_AES_128_GCM_SHA256

Regards,

Hello Ridvan,

kindly check SAP Note 2538934 - "ECDHE cipher suites handshake failure". There is only a workaround solution via an apache or sapwebdispatcher.

Kind regards

Konrad