I'm pleased to announce that SHA-2 signed PKI certificates are now certified for inbound connections to the Oracle HTTP Server (OHS) delivered with Oracle E-Business Suite 12.1.3.
As published in a prior blog article, SHA-2 signed PKI certificates are already certified for outbound connections from Oracle E-Business Suite 12.1.3.
If you are enabling SSL/TLS for the first time for Oracle E-Business Suite 12.1.3, refer to the following for all prerequisite requirements and post steps:
If you have already enabled SSL or TLS and are updating to a SHA-2 signed PKI certificate with the OHS for Oracle E-Business Suite 12.1.3, refer to the following for all prerequisite requirements and post steps:Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 11 (Note 376700.1)
Overview of the Requirements
The following is a summary of the requirements for deploying a SHA-2 signed PKI certificate for inbound connections to the OHS for Oracle E-Business Suite 12.1.3 include the following:
If you have not already updated to the OPatch 9i, 10.1 version 188.8.131.52.63 or later, download and install it. For the latest OPatch information, refer to the following:OPatch for Oracle Application Server 10g (10.1.2, 10.1.3, 10.1.4), (Note 283367.1)
The minimum requirement is to upgrade the Oracle Fusion Middleware 10.1.3 Oracle Home to 10.1.3.5 per the following:
The minimum CPU requirement for the Oracle Fusion Middleware 10.1.3.5 is the October 2015 CPU level (Patch 21845960) per the following:
Note: Testing is performed with all CPU patches applied across the technology stack components and the Oracle E-Business Suite. It is possible to apply the October 2015 CPU (Patch 21845960) to FMW 10g without applying the Oracle E-Business Suite October 2015 CPU or Oracle Database October 2015 CPU/PSU; however, we recommend that customers apply the latest CPU across all technology stack components and the Oracle E-Business Suite.
Post steps include generating the CSR to obtain the SHA-2 signed PKI certificate from your certificate authority (CA). Once you have the certificate, you will import it using Oracle Wallet.
Refer to the appropriate section in the following My Oracle Support note for the complete list of post-steps for your environment:
Pending Platform Certifications
For AIX, HP Itanium and Windows, there will be an additional patch required on top of the FMW 10g Oracle Home October 2015 CPU. The required patch is currently in development.
Oracle's revenue recognition policy prohibits us from providing time lines and dates for future certifications and releases. Please monitor this blog for the latest in certification announcements.