Given that Certificate Authorities have already stopped issuing SHA-1 certificates, most likely, you have already addressed the use of SHA-1
certificates for inbound connections by migrating to SHA-2 certificates. In case you have not, this is a reminder for you to do so.
What’s Happening with Browsers?
Many browsers (eg, Google Chrome, MS IE) have now published their desupport plans for SHA-1. The timeline for desupport of SHA-1 is dependent on your certificate authority and your browser.
You need to ensure that your inbound connections are using SHA-2 signed PKI certificates. If you do not move to a SHA-2 certificate and the end-user browser requires one, your Oracle E-Business Suite users will receive a warning or error.
What Do You Need to Do?
Following the instructions in our documentation to meet the minimum requirements for using SHA-2 signed PKI certificates with Oracle E-Business Suite.
For TLS 1.2, refer to the following:
- Enabling TLS in Oracle E-Business Suite Release 12.2 (Note 1367293.1)
- Enabling TLS in Oracle E-Business Suite Release 12.1 (Note 376700.1)
For TLS 1.0 and SSLv3, refer to the following:
- Enabling SSL or TLS in Oracle E-Business Suite Release 12.2 (Note 2143101.1)
- Enabling SSL or TLS in Oracle E-Business Suite Release 12.1 (Note 2143099.1)
Note: TLS 1.2 is the latest version certified with Oracle E-Business Suite Release 12.2 and 12.1. As a reminder, we recommend that you migrate to TLS 1.2 for Oracle E-Business Suite Release 12.2 and 12.1.
References
- Enabling TLS in Oracle E-Business Suite Release 12.2 (Note 1367293.1)
- Enabling SSL or TLS in Oracle E-Business Suite Release 12.2 (Note 2143101.1)
- Enabling TLS in Oracle E-Business Suite Release 12.1 (Note 376700.1)
- Enabling SSL or TLS in Oracle E-Business Suite Release 12.1 (Note 2143099.1)
- FAQ: Oracle E-Business Suite Security (Doc ID 2063486.1) References
Related Articles