cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Initial configuration of sap customer checkout manager showing TLS Error

Go to solution
former_member149698
Explorer

on ‎2022 Mar 16 7:51 PM

0 Kudos
1,796

Hello Guys,

While doing the initial configuration of customer checkout manager , ( SQL Database) I am getting an error like

"The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "The server selected protocol version TLS10 is not accepted by client preferences [TLS13, TLS12]". ClientConnectionId:dd0fdb08-fe57-438a-961c-6c02c54934e8"

I am attaching the error and configuration details provided.screenshot-12.pngscreenshot-13.png

Currently I am using SP12 PATCH LEVEL 7. Kindly help me to solve the issue.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (1)

Accepted Solutions (1)

JoaoC
Participant
‎2022 Mar 21 10:39 AM

Hello Vishnu,

the error you posted initially shows the problem lies on the DB side. You said you're using SQL Server 2012, and that's probably the root cause. The 2012 edition didn't support TLSv1.2 initially, it only came with later updates. On the other hand, newer versions of Java 11 have support for TLSv1.0/1.1 disabled (best industry practice nowadays). So your CCOM is trying to use TLSv1.2, but it's saying the DB it is trying to connect to doesn't support it - but rather only the old v1.0 protocol.

You can try to upgrade your SQL 2012 instance to SP4 together with the latest security fixes (latest build: v11.0.7507.2), and then try again the DB connection setup from within CCOM - that should do the trick.

Regards

Show replies
Show replies
former_member149698
Explorer
‎2022 Apr 10 8:35 AM
0 Kudos

Dear Joao ,

i hope what you have suggested is the correct answer. I am going to upgrade the server, once its connected. i will update you. and close the thread.

Thanks for support

Vishnu Sivanandhan

former_member149698
Explorer
‎2022 Apr 16 2:42 PM
0 Kudos

In this server , some updates has been done automatically and after that i am able to login to CCO manager. I didnt update the server to 2019. still in 2012 but i hope some updates happened in the server cleared the issue.

Answers (2)

Answers (2)

amontella96
Active Contributor
‎2022 Mar 17 10:58 PM

Hi vishnu-109

as per note 2199062 "edit lib/security/java.security and remove TLSv1 and TLSv1.1 from the jdk.tls.disabledAlgorithms property"

Then if it works, you may start the investigation on why that test is running on tls below 1.2

cheers!A

Show replies
Show replies
former_member149698
Explorer
‎2022 Mar 18 12:13 PM
0 Kudos

Dear Amo,

i have installed SAPMACHINE JRE 11.0.1,

i checked under the path C:\Program Files\Java\sapmachine-jre-11.0.14.1\lib\security but am unable to find the Java.security file. I am attaching the file details under the path C:\Program Files\Java\sapmachine-jre-11.0.14.1\lib\security. Kindly check and let me know which file i need to editscreenshot-14.png

Regards

Vishnu Sivanandhan

amontella96
Active Contributor
‎2022 Mar 18 4:18 PM
0 Kudos

hey vishnu-109

while im investigating, can u check whats in the default.policy?

thanks!A

former_member149698
Explorer
‎2022 Mar 18 4:35 PM
0 Kudos

default.txt Hi Amo,

I checked the default policy file not able to find jdk.tls.disabledAlgorithms property. I am attaching the file for your reference.

Regards

Vishnu

amontella96
Active Contributor
‎2022 Mar 18 6:07 PM
0 Kudos

hey vishnu-109

i'm starting to get the grip on your landscape 🙂 so bear with me...

While i'm checking how sapmachine jre sec policy works, can you clarify if your sql server support tls1.2 ? if you have doubts refer to kb3135244

also let see if we can get a boss in this thread, bikash.bansal can you throw some light on where the issue sits?

I'll get you sorted!A

former_member149698
Explorer
‎2022 Mar 21 8:51 AM
0 Kudos

Dear Amo,

we are using OS windows server 2019 standard. As per note windows server 2019 will support TLS 1.2 by default.

currently i am working on SQL version- Microsoft SQL server 2012 and Sap Business one 9.3 PL07. I tried to connect CCO manager to another test environment ( which is in same network) having SQL version - Microsoft SQL SERVER 2019 (RTM) and SAP Business one version 10.0 FP 2011. i am able to connect without any issues. This test server also working on OS windows server 2019.

amontella96
Active Contributor
‎2022 Mar 21 9:54 PM
0 Kudos

Hey vishnu-109

i think sa0016187518 gave you the right answer, right?

Let us know!A

anderson_schmitt
Product and Topic Expert
Product and Topic Expert
‎2022 Mar 17 12:03 PM
0 Kudos

Hi Vishnu,

Is the TLS 1.2 enabled in your Internet Options?

You can check it in the Control Panel > Internet Options > Advanced
Scroll to the bottom and check if the "Use TLS 1.2" is enabled

Regards,
Anderson

Show replies
Show replies
former_member149698
Explorer
‎2022 Mar 17 9:26 PM
0 Kudos

Hu Schmitt,

TLS 1.2 is enabled in internet options already.

Regards

Vishnu

Ask a Question