SAP Knowledge Base Article - Public

2806482 - "The Request Was Aborted: Could Not Create SSL/TLS Secure Channel" While Trying to Log On To an Add-In

Symptom

You're trying to log on to the Outlook or Excel add-ins for SAP Cloud for Customer or SAP Business ByDesign, but error message "The request was aborted: could not create SSL/TLS secure channel" is raised.

logon_error.jpg

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

  • SAP Cloud For Customer
  • SAP Business ByDesign

Cause

You're using TLSv1.0 protocol, which is no longer supported.

As a part of our commitment to continuous improvement and to follow industries best practices, we plan to configure our servers to support only the latest protocol versions TLSv1.1 and TLSv1.2.

Resolution

To solve this error, you must ensure .NET Framework is using SSL/TLS 1.1 on Windows settings.

There are two options for solving this: editing the Windows registry or reinstalling the .NET Framework.

1) Editing the Windows registry:

Please ensure that you have the below settings enabled in your Windows machine to avoid connectivity issues from SAP Cloud For Customer and SAP Business ByDesign application add-ons:

  1. In your Windows PC, go to Windows search and type "Regedit".
  2. Click the Yes button; it opens the Registry Editor.
  3. Open the path below based on the version of .NET Framework installed on your machine, in this case it is 4.0.30319:

Please note: It needs to be done on both paths below. 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319

reg_edit_changes.jpg

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v 4.0.30319

reg_edit_changes2.jpg

If you find the value defined as 0 instead of 1, follow below steps to change “data” from 0 to 1 and further test the result:

Key: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 
Value: SchUseStrongCrypto
Type: REG_DWORD
Data: 1

Key:Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319
Value: SchUseStrongCrypto
Type: REG_DWORD
Data: 1

If you don't find the "SchUseStrongCrypto" in your registry inside one or both of the .NET Framework paths, please create one by following the steps below:

Please note: Your machine account will need to have administrator privileges.

  1. Right-click in the empty space.
  2. Select New.
  3. Click the DWORD (32-bit) Value.
  4. Type the name "SchUseStrongCrypto" for the newly created entry.
  5. Double-click "SchUseStrongCrypto" again to edit it.
  6. Make sure that Value Data is 1. 

reg_edit_create1.jpg

reg_edit_create2.jpg

reg_edit_create3.jpg

2) Reinstalling the .NET Framework:

If you still find an issue with SAP Cloud For Customer/SAP Business ByDesign add-ins connecting to the application or if the registry is already set to 1, then reinstall the .NET Framework to 4.6.2 or higher versions and perform the above steps again for this newer version.

How to reinstall .NET Framework:

  1. In your Windows PC, go to Windows search and type "Turn Windows features on or off."
  2. Deselect the checkboxes related to .NET Framework.
  3. Click the Ok button.

2019-06-25_14-27-08.png

Windows will uninstall .NET Framework. When it is finished, go back to "Turn Windows features on or off."

  1. Select the checkboxes related to .NET Framework again.
  2. Select "Let Windows Update download the files for you." This will install and update it.

2019-06-25_15-00-42.png

 

See Also

SAP Community blog "Disabling TLSv1.0 protocol and 3DES cipher suite for Inbound communication to ByD"

Keywords

TLS; Logon; SSL; Outlook; Excel: Add-in; Add-on;  el; TLS v1.0; TLS v1.1; .NET Framework , KBA , SRD-CC-OIN-XL , Excel Integration , SRD-CC-OIN-GW , Groupware , How To

Product

SAP Business ByDesign all versions ; SAP Cloud for Customer add-ins all versions ; SAP Cloud for Customer core applications all versions