Self Signed Certificate on SAP SL not working

Question

We are having issue with one of our client in service layer. While calling any API of SAP Service Layer, we were getting this messsage :

"The request was aborted: Could not create SSL/TLS secure channel."

They have confirmed that their IP is not HTTPS and we can access it by disabling the SSL check. We did this on postman and got the success. I believe that we have to modify our adapter code in such a way that it should work with SSL and without SSL.

Below link which says similar error.
https://stackoverflow.com/questions/2859790/the-request-was-aborted-could-not-create-ssl-tls-secure-channel

Are we missing something ?

solved 0
Shankar 5 months 2 Answers 138 views Beginner 0

Answers ( 2 )

  1. As you are using SAP B1 Service Layer, I am restricting the answer to that product only.

    It seems you are getting an error :
    The request was aborted: Could not create SSL/TLS secure channel.
    The problem appears when the certificate which is used to encrypt the request and decrypt the response is not available on the machine.

    In windows, there is a certificate store present with every browser. Executable use the native browser engine which is IE by default. So the Self signed certificate needs to be available to IE before calling any https calls. The TLS level security ensures the Socket to Socket connectivity is maintained.

    But as your server does not have certificate, it sends the data in raw format, and in response you get the error.

    One solution is to forcefully download the certificate and install in the certificate store. This link will help you in this regard :
    https://answers.sap.com/questions/613981/download-certificate-for-service-layer.html

    Other than that, sometimes an error might appear when you have not configured the Web application correctly on the server.

    Steps to reconfigure are:
    Go to b1s.config and Change the value of CorsEnable to true and CorsAllowedOrigin = *.
    This will allow the cross domain calls to the APIs.

    Also please confirm whether TLS1.2 is enabled on the server.

    Best answer
  2. Hi,

    The problem is purely an Https failure. The meaning of the issue is even though the Https is not supported for an URL, you are still trying to call it over http.

    This is a server rejection because Http calls are not supported. Some server does support both Http and Https, but in your case it seems to be not working.

    To fix this, enable http in the server, or give option to download self signed certificates.

Leave an answer

Please Log in to answer to this question .