[英]SAP SSL handshake failed
I'm trying to retrieve data from an open data api.我正在尝试从开放数据 api 中检索数据。 I have downloaded the certificate from the site and imported it into STRUST (SSL Client Anonymous).
我已从站点下载证书并将其导入 STRUST(匿名 SSL 客户端)。
Then I created a HTTP connection to external server in SM59.然后我在 SM59 中创建了一个到外部服务器的 HTTP 连接。 In the beginning it worked fine, until last week when the api changed its URL and so its DNS.
一开始它运行良好,直到上周 api 更改了它的 URL 和 DNS。
Of course it could no longer be reached by the current host.当然,当前主机无法再访问它。 So I did above steps again for the new URL (changed everything accordingly like hostname etc. in SM59), but this time I receive following error:
所以我对新 URL 再次执行了上述步骤(在 SM59 中相应地更改了主机名等所有内容),但是这次我收到以下错误:
SSL handshake with 'hostname:port' failed: SSSLERR_CONN_CLOSED (-10)#Remote
Peer has closed the network connection##SapSSLSessionStartNB()==SSSLERR_CONN_CLOSED##
Anyone has an idea on how to solve this?任何人都知道如何解决这个问题?
On another forum someone helped me solve the problem.在另一个论坛上有人帮我解决了这个问题。 He pointed me out that the problem lies with SNI see: https://security.stackexchange.com/questions/101965/ssl3-error-when-requesting-connection-using-tls-1-2/102018#102018
他指出问题出在 SNI 上,请参阅: https : //security.stackexchange.com/questions/101965/ssl3-error-when-requesting-connection-using-tls-1-2/102018#102018
https://en.wikipedia.org/wiki/Server_Name_Indication https://en.wikipedia.org/wiki/Server_Name_Indication
To solve this problem you need to add following parameter: icm/HTTPS/client_sni_enabled and set it to TRUE on the DEFAULT profile.要解决此问题,您需要添加以下参数:icm/HTTPS/client_sni_enabled 并在 DEFAULT 配置文件中将其设置为 TRUE。 Afterwards you need to restart the application server in order to activate the effects of the parameter.
之后您需要重新启动应用程序服务器才能激活参数的效果。
Link to the full question on SCN: https://answers.sap.com/questions/473015/sap-ssl-handshake-failed.html SCN 上完整问题的链接: https : //answers.sap.com/questions/473015/sap-ssl-handshake-failed.html
EDIT: I came across this error again later on, but this time it seemed that the error was caused because we used a certificate with TLS 1.2 which was not supported by our system.编辑:我稍后再次遇到此错误,但这次错误似乎是因为我们使用了系统不支持的 TLS 1.2 证书。 You can check this link: https://launchpad.support.sap.com/#/notes/510007 we implemented number 7 to fix this.
您可以查看此链接: https : //launchpad.support.sap.com/#/notes/510007我们实施了第 7 项来解决此问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.