0

We have recently upgraded our Tomcat version to 9.0.20 from Tomcat 7 and our users report that they are not able to connect to our system any longer due to the below error.

Error while sending message: Could not send Message. Peer sent alert: Alert Fatal: handshake failure

We have checked the SSL certificates and everything is in place and even we have verified the TLS version in the source SAP system. However this issue is noticed only in SAP systems who are using our webservices. So I would like to know what details I need to check at SAP side to fix this issue.

Please note that when I switch back to Tomcat7, the connection works perfectly fine. I have compared the server.xml of both the versions and don't see any difference apart from the below line.

Tomcat 7: protocol="HTTP/1.1"
Tomcat 9: protocol="org.apache.coyote.http11.Http11NioProtocol"

Appreciate response.

Thanks!

Sandra Rossi
  • 11,934
  • 5
  • 22
  • 48
user1194310
  • 129
  • 1
  • 4
  • 14
  • Does 'only noticed in SAP' mean _other_ clients are _successful_? If so, what? Browser(s)? Which? Java? What middleware(s), and JVM versions? dotnet? JS? Windows (native)? MacOS? iOS? Android? PHP? perl? curl? with which stack(s)? wget? Can you run the server with `-Djavax.net.debug=ssl,handshake` and capture at least a failure case, and maybe one or two success cases also? – dave_thompson_085 Jan 30 '20 at 10:38
  • We have tried accessing the webservice URL from Java, SOAP UI and even the systems who consume the webservices directly dont have any issue. I will run the query in the SAP system and get back. – user1194310 Feb 01 '20 at 03:16
  • Which SAP software is it? As you are talking about the cipher suites which was a known issue on ABAP-based solutions (e.g. Profile Parameter `ssl/ciphersuites`), maybe it's software like SAP ERP. – Sandra Rossi Jul 16 '23 at 17:40

1 Answers1

0

The issue was apparently with the cipher suites being used in SAP system. Adding new cipher suites which supports TLS 1.1 and TLS 1.2 worked and the issue was resolved.

user1194310
  • 129
  • 1
  • 4
  • 14