The use of mod_ssl is being phased in along with OpenSSL for the E-Business Suite 12.1 product line. Oracle E-Business Suite Release 12.1 is migrating to OpenSSL and mod_ssl technology in order to future proof the TLS implementation. OpenSSL and mod_ssl are required for TLS 1.1 or TLS 1.2 and to support new cipher suites.
We provided support for mod_ssl and OpenSSL in a phased approach, so that deployment can be planned methodically. Given the rate of SSL and TLS vulnerabilities that have been found recently and the limited number of strong cipher suites supported with Oracle Wallet, we highly recommend that our customers make the transition to TLS 1.1 or 1.2 sooner rather than later. This way, migrating does not have to be done as a fire drill.
You should follow the instructions in Enabling TLS in Oracle E-Business Suite Release 12.1 (Note 376700.1) to implement or migrate to OpenSSL and mod_ssl.
For reference, the older mod_ossl (SSL v3 and TLS 1.0) which uses the Oracle wallet for the certificates is documented in Enabling SSL or TLS in Oracle E-Business Suite Release 12 (2143099.1).
Related Articles
- Enhance E-Business Suite Security By Switching to TLS
- TLS 1.2 Certified with E-Business Suite 12.1
- Frequently Asked Questions about EBS Security
- Critical Patch Update for October 2017 Now Available
References
- Enabling TLS in Oracle E-Business Suite Release 12.1 (Note 376700.1)
- FAQ: Oracle E-Business Suite Security (Note 2063486.1)
- Secure Configuration for Oracle E-Business Suite Release 12 (Note 403537.1)