Discontinuation of TLS 1.0/1.1 on PTV xServer Internet

Bernd Welter · Post by **Bernd Welter** » Mon Mar 11, 2024 5:13 pm

Hi there,

as you may have seen in the article

PTV World City Map cluster Here with API Version 2
- Migration to new infrastructure and termination of TLS 1.0 and 1.1

we are about to disable the availability of TLS 1.0 an d TLS 1.1 on our cloud infrastructure aka "PTV xServer Internet 2".

As SAP is somehow special when it comes to the usage of network services it might be necessary for your SAP system administrators to crosscheck the available protocols if you access the PTV services.

I am not an expert in SAP, therefore I try to use this forum to trigger anyone with proper knowledge to assist

Bernd

PS : PTV Developer uses TLS 1.2 and will soon be extended to TLS 1.3

MISTERX · Post by **MISTERX** » Mon Mar 11, 2024 5:56 pm

For detailed, expert information, see SAP Note 510007- Additional considerations about setting up SSL on Application Server ABAP

wessendorf · Post by **wessendorf** » Mon Mar 25, 2024 4:00 pm

I see here now issue. The protocol is outdated and not safe.

Bernd Welter · Post by **Bernd Welter** » Tue Mar 26, 2024 8:20 am

Thanks for your contribution, folks!

Your input will be forwarded to those who might run into this

Bernd

Bernd Welter · Post by **Bernd Welter** » Mon Jul 01, 2024 3:05 pm

Well, as announced : we recently disabled TLS 1.0/1.1 on 25.6.2024 on PTV xServer2 production and unfortunately some clients seem to run into errors such as

What you have to check then is

Does your client host have access to the following URL via a regular browser? https://xserver2.cloud.ptvgroup.com/ - if not, then we have a generic issue between the host machine and the destination URL
Now the more tricky part iy probably how to check the access of a specific application. Honestly spoken: I am not an SAP guy and therefore I need the community to contribute in a way Mister X and Michael W. did above: Who can guide SAP administrators in this topic?

PS: here's some test I recorded in the context of one of the australian clusters:
https://youtu.be/E0KBcuMJyk8
SHows the concept of "how to validate ya token has access..."

Howard · Post by **Howard** » Mon Jul 01, 2024 3:12 pm

MISTERX wrote: ↑Mon Mar 11, 2024 5:56 pm For detailed, expert information, see SAP Note 510007- Additional considerations about setting up SSL on Application Server ABAP

I exported the SAP Note as a PDF file for those that do not have a SAP user.

Howard · Post by **Howard** » Mon Jul 01, 2024 3:18 pm

There is also to SAP Note "2781565 - Enhancement on task Check Client Cipher Suite Profile Parameter" with a description on how to Check TLS version in the SAP system.

PTV Logistics Product Forum

Discontinuation of TLS 1.0/1.1 on PTV xServer Internet

Discontinuation of TLS 1.0/1.1 on PTV xServer Internet

Re: Discontinuation of TLS 1.0/1.1 on PTV xServer Internet

Re: Discontinuation of TLS 1.0/1.1 on PTV xServer Internet

Re: Discontinuation of TLS 1.0/1.1 on PTV xServer Internet

Re: Discontinuation of TLS 1.0/1.1 on PTV xServer Internet

Re: Discontinuation of TLS 1.0/1.1 on PTV xServer Internet

Re: Discontinuation of TLS 1.0/1.1 on PTV xServer Internet