Fix Error Login SAP Business One – security certificate from Windows Update

Please follow this steps to Fix Error Login SAP Business One with warning message security certificate.
This error because after your PC run security update from Windows. It blocked some SAP connection certificate and ports to SAP Server.
Fix Steps :

Workaround to SAP version 9.1

1. Check the config.xml file (C:Program Files (x86)SAPSAP Business One ServerB1_SHRConfig) and ensure the License server port is correct, such as 30000.
2. Back up the server.xml file (C:Program Files (x86)SAPSAP Business One ServerToolsSystem Landscape Directorytomcatconf).
   On Linux the server.xml file can be found in the following location:
   /usr/sap/SAPBusinessOne/Common/tomcat/conf
3. Open server.xml in conf
4. Find the element in this xml.
5. Change the attribute sslEnabledProtocols value to TLSv1,TLSv1.1,TLSv1.2 (green box on picture below)
   
6. Add a new attribute (blue box on picture below) :

   ciphers="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA"

   

7. After updating the xml file, restart the SLD service.
8. Log on to SAP Business One

Workaround to SAP versi 9.2 & 9.3

1. Check the config.xml (C:Program Files (x86)SAPSAP Business One ServerB1_SHRConfig) and ensure the License server port is correct, such as 40000
2. Back up the server.xml file (C:Program Files (x86)SAPSAP Business One ServerToolsCommontomcatconf).
   On Linux the server.xml file can be found in the following location:
   /usr/sap/SAPBusinessOne/Common/tomcat/conf
3. Open server.xml in conf
4. Find the element in this xml
5. Find ciphers and remove all ciphers starting with TLS_DHE_RSA_WITH_AES:
   TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
   TLS_DHE_RSA_WITH_AES_128_GCM_SHA384
   TLS_DHE_RSA_WITH_AES_128_GCM_SHA
   TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
   TLS_DHE_RSA_WITH_AES_128_CBC_SHA384
   TLS_DHE_RSA_WITH_AES_128_CBC_SHA
   TLS_DHE_RSA_WITH_AES_256_GCM_SHA256
   TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
   TLS_DHE_RSA_WITH_AES_256_GCM_SHA
   TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
   TLS_DHE_RSA_WITH_AES_256_CBC_SHA384
   TLS_DHE_RSA_WITH_AES_256_CBC_SHA
6. After updating the xml file, restart the SLD service
7. Log on to SAP Business One or try the installation of SAP Business One Server again

Copyright © PT Sterling Tulus Cemerlang – 2016

Also read:

• Logon Process Takes Longer than Usual
• Create Validation using Transaction Notification
• Requirements for Changing Decimal Digits in SAP Business One
• Run Query to Update or Insert Table when Create Document
• How To Troubleshoot Add-On Installation Failed