« New Minimum Release 11i Techstack Standards | Main | Upgrading to E-Business Suite Release 12 »

New Secure Sockets Layer Features in Release 12

By Steven Chan on June 12, 2006 8:27 AM

E-Business Suite Release 12 will include a raft of new SSL-related features, including a new mod_ossl plug-in, use of Oracle Wallet Manager, and optional use of Oracle Certificate Authority for PKI deployments.

Oracle Certificate Authority Screenshot:

The most significant change for Secure Sockets Layer (SSL) support in E-Business Suite Release 12 is expected to be the use of the mod_ossl module for the Oracle HTTP Server.  Like mod_ssl, the mod_ossl plug-in enables strong cryptography for Oracle HTTP Server.  In contrast to the OpenSSL module, mod_ossl is based on the Oracle implementation of SSL, which supports SSL 3, and is based on Certicom and RSA Security technology.

Release 12 SSL certificates will be managed by the Oracle Wallet Manager 10g, which will be accessible via a graphical user interface (GUI) or via a command line interface (CLI), for all of you die-hard purists out there.

Forms Listener Servlet won't need a separate certificate, and will share the same wallet as the Oracle HTTP Server. 

If you're interested in deploying public key infrastructure (PKI) technologies in your organization, you will also have the option of using the Oracle Certificate Authority (OCA) to issue and manage X.509 digital client certificates.  End-users and servers will be able to use these digital certificates to authenticate themselves to Release 12.

The above is intended to outline our general product direction.  It is intended for information purposes only, and may not be incorporated into any contract.   It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision.  The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle. 

Tags:

Filed under: EBS Release 12 , Security  •  Comments (2)  •  Share

Comments (2)

sam:

does this mean that we no longer need to buy certificates from 3rd party companiew like verisign,but instead use certificates from OCA

Posted by sam | June 13, 2006 9:10 AM

Posted on June 13, 2006 09:10

Steven Chan:

Well, it depends on what you how you wish to use the certificates.If you want to:Allow your end-users to authenticate themselves to the E-Business Suite or Oracle Single Sign-On;Allow your servers to use SSL between themselves (e.g. for application server to database server traffic)Then the Oracle Certificate Authority will be sufficient to accomplish that.  See this whitepaper:Oracle Application Server Certificate Authority - White paper (PDF)(on the useful Oracle Application Server Certificate Authority website)If you want to your users' certificates to be recognized by external entities outside of your organisation, that's a different story.  That requires external entities to trust your certificates.  There are profound security and procedural implications for this.  I would recommend that you research "Certificate Authorities" to help you understand these implications better.Regards,Steven

Posted by Steven Chan | June 13, 2006 10:21 AM

Posted on June 13, 2006 10:21

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

About This Entry

This page contains a single entry from the blog posted on June 12, 2006 8:27 AM.

The previous post in this blog was New Minimum Release 11i Techstack Standards.

The next post in this blog is Upgrading to E-Business Suite Release 12.

Many more can be found on the main index page or by looking through the archives.

Google Search


Only search this blog

Categories

Archives

Links

Subscribe to Updates

RSS icon Subscribe via RSS
Feedburner icon Subscribe by Email

Tag cloud

Powered by
Movable Type and Oracle