cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Catching com.jcraft.jsch.JSchException: Algorithm negotiation fail

Former Member

on ‎2018 Sep 27 6:30 PM

0 Kudos
4,275

Hi,

I received Algorithm negotiation fail error when trying to connect to External SFTP server.

External server told that SAP PI key exchange algorithm need to be changed to any of the below for successful connection.

  • DH_GROUP_EXCHANGE_SHA256
  • ECDH_NISTP256
  • I ran the SFTP trace and found the same issue. Where can we change the key exchange algorithm settings in SAP PI to reflect to any of above more secure key exchange algorithms.
  • I do not think upgrade to latest patch is required. as we are in SAP 7.4. SFTP adapter version is 4, path 18.
  • Thanks!!!

    • Know the answer?

    Help others by sharing your knowledge.

    Answer

    Need more details?

    Request clarification before answering.

    Show replies
    Show replies

    Accepted Solutions (0)

    Answers (2)

    Answers (2)

    PavanKumar
    Active Contributor
    ‎2018 Sep 28 9:13 AM
    0 Kudos

    Hi Venu,

    Please refer the below Note

    2344454 - "com.jcraft.jsch.JSchException: Algorithm negotiation fail" error in Message Monitoring wh...

    Regards

    Pavan

    Show replies
    Show replies
    apu_das2
    Active Contributor
    ‎2018 Sep 28 7:41 AM
    0 Kudos

    SHA1/SHA256 is used for signing the data and in SFTP adapter this is required to configure in the module parameter of CC.

    If you have already used PGPEncryption standard module then you can change the type of algorithm under parameter name SignatureAlgorithm.

    Accordingly, you need to import and mention the certificate name in the parameter

    ownPrivateKey and the passphrase under pwdOwnPrivateKey

    Show replies
    Show replies
    manoj_khavatkopp
    Active Contributor
    ‎2018 Sep 28 12:33 PM
    0 Kudos

    This has nothing to do with PGP. The algorithm negotiation happens for SSH handshake.

    @Venu: I would suggest you run xpi_inspector and see what algo does your PI adapter uses, I remember there is an option to set externally in Advantaco SFTP adapter but not in SAP, I would highly recommend you to check below note provided by pavan.

    And in case of you are using SSH keys for authentication make sure you generated with the required algo.

    Ask a Question