Symptom

When logging into SAP Business One 9.1 or below versions, the following error message is displayed:

"There is a problem with the server's security certificate. The security certificate is not from a trusted certifying authority. SAP Business One is unable to connect to the server."

Or

"When trying to install the SAP Business One Server you get the error "Authentication against the specified License Server has failed. Check your Site User password."

Or

The “Choose Company” window in SAP Business One is empty.

Or

The SLD website is not available and showing an error like:

ssl_error_weak_server_ephemeral_dh_key

Or

You recently installed Windows updates and you are no longer able to connect to SAP Business One.

Cause

Implementation of Microsoft Windows updates.


As an example, the following updates might be causing the described symptoms.

Microsoft KB Affected Operating System(s)
KB3161608 Windows 7 SP1
... Windows 8
KB3161606 Windows 8.1
KB3161608 Windows Server 2008 R2 SP1
KB3172605 Windows 7 SP1 and Windows Server 2008 R2 SP1
... ...

Please note that new updates can be released by Windows which cause similar issues.

Solution

The recommended solution is to upgrade to SAP Business One 9.2. 

As short-term workaround, for SAP Business One 9.1 only, you could try any of following workarounds:

Workaround A:

1. Back up the server.xml file (C:\Program Files (x86)\SAP\SAP Business One ServerTools\System Landscape Directory\tomcat\conf).

    On Linux the server.xml file can be found in the following location: /usr/sap/SAPBusinessOne/Common/tomcat/conf

2. Open server.xml in <tomcat>\conf

3. Find element <Connector> in this xml. 

4. Change attribute sslEnabledProtocols value to "TLSv1,TLSv1.1,TLSv1.2" 

5. Add a new attribute:-

ciphers="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA"

6. After update the xml file, please restart SLD service. 

7. Then logon to SAP Business One or try the installation of SAP Business One Server again.

For more information and discussions please see the SAP Business One Application space on SCN, http://scn.sap.com/community/business-one/content.

Workaround B:

1. Logon to the problematic workstation.

2. Click Start, click Run, type regedit in the Open box, and then click OK.

3. Locate and then click the following subkey in the registry, if this sub key does not exist, please create a new key with this name:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman

4. On the Edit menu, point to New, and then click DWORD (32 bits) Value.

5. Type ClientMinKeyBitLength for the name of the DWORD, and then press Enter.

6. Right-click ClientMinKeyBitLength, and then click Modify.

7. In the Value data box, type 00000200, and then click OK.

8. Exit Registry Editor, and then restart the computer.

If you are still experiencing issue after either using this workaround for SAP Business One 9.1 or after upgrading to SAP Business One 9.2, please log an incident with SAP Business One Support.

Mehr
 
Produkt
 
Listensicht
Produkt oder Produktversion  
SAP B1 9.1 FOR SAP HANA  
SAP BUSINESS ONE 9.1  
 
Mehr
 
Attributes
 
Listensicht
Name Value  
Weitere Komponenten SBO-BC-INT Installationen  
 
Mehr