Hello,
we trying to make an connection with a SAP Message Server through SAP Process Orchestration, but we get a handshake failure.
The following cipher suites are supported by the SAP Message Server:
TLSv1.2:
ciphers:
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1)
The JRE sent the following ciphers while doing the client hello:
Cipher Suites (14 suites)
Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 (0xc07b)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (0x00c0)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 (0xc07a)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0x00ba)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)
Is it possible to configure JRE to sent the TLS_ECDHE ciphers to the server?
I tried to disable the TLS_RSA ciphers with the setting jdk.tls.disabledAlgorithms in java.security, but JRE still sent the TLS_RSA ciphers to the server.
And i also played around with many other configurations like jdk.jar.disabledAlgorithms, jdk.tls.legacyAlgorithms and crypto.policy. But the JRE client still sending the TLS_RSA ciphers.
Hope you guys have a solution for this issue.
Best regards
Ka