Tuesday Apr 19, 2016

Critical Patch Update for April 2016 Now Available

The  Critical Patch Update (CPU) for April 2016 was released on April 19, 2016.  Oracle strongly recommends applying the patches as soon as possible.

The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.

Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied.

Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information.

The Critical Patch Update Advisory is available at the following location:

The next four Critical Patch Update release dates are:

  • July 19, 2016
  • October 18, 2016
  • January 17, 2017
  • April 18, 2017

Oracle E-Business Suite References

My Oracle Support Knowledge Documents:

Web Library Book:

Tuesday Mar 29, 2016

EBS 12.1.3 Data Masking Template Certified with EM 12.1.0.5

(Contributing author:  Nirzari Raichura)

We're pleased to announce the certification of the E-Business Suite 12.1.3 Data Masking Template for the Data Masking Pack with Enterprise Manager Cloud Control 12.1.0.5.

You can use the Oracle Data Masking Pack with Oracle Enterprise Manager Grid Control 12c to mask sensitive data in cloned E-Business Suite environments.  Due to data dependencies, scrambling E-Business Suite data is not a trivial task.  The data needs to be scrubbed in such a way that allows the application to continue to function. 

How data masking works

You may scramble data in E-Business Suite cloned environments with EM12c using the following template:

What does data masking do in E-Business Suite environments?

Application data masking does the following:

  • De-identify the data:  Scramble identifiers of individuals, also known as personally identifiable information or PII.  Examples include information such as name, account, address, location, and driver's license number.
  • Mask sensitive data:  Mask data that, if associated with personally identifiable information (PII), would cause privacy concerns.  Examples include compensation, health and employment information.  
  • Maintain data validity:  Provide a fully functional application.

Support Note:

Related Articles

Friday Jan 22, 2016

Configuring Oracle XML Gateway for TLS

Oracle XML Gateway uses Oracle Transport Agent (OTA) - a lightweight messaging platform to transmit XML-based business transaction messages over HTTP and Secure HTTP (HTTPS) with trading partners. In general, it supports Server and Mutual Authentication mechanisms for inbound and outbound transactions over HTTPS.  Oracle XML Gateway now supports SHA-2 signed certificates and TLS protocol for XML-based transactions in Oracle E-Business Suite 12.1 and 12.2.

Diagram showing message flow protocols

Oracle E-Business Suite Release 12.2

For information on configuring Oracle XML Gateway for SSL/TLS in Oracle E-Business Suite Release 12.2, see:

Outbound transactions in Oracle E-Business Suite Release 12.2.3 and 12.2.4 require a patch; see the documentation for details.

Outbound transactions in Oracle E-Business Suite Release 12.2.5 and later EBS 12.2 updates do not require any additional patches.

Oracle E-Business Suite Release 12.1

For information on configuring Oracle XML Gateway for SSL/TLS in Oracle E-Business Suite Release 12.1.3, see:

References

Related Articles

Tuesday Jan 19, 2016

Critical Patch Update for January 2016 Now Available

The  Critical Patch Update (CPU) for January 2016 was released on January 19, 2016.  Oracle strongly recommends applying the patches as soon as possible.

The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.

Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied.

Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information.

The Critical Patch Update Advisory is available at the following location:

The next four Critical Patch Update release dates are:

  • April 19, 2016
  • July 19, 2016
  • October 18, 2016
  • January 17, 2017
E-Business Suite Releases 11i and 12 Reference

Monday Dec 21, 2015

Now Automated: Integrating EBS 12.1 with Oracle Access Manager 11gR2

Contributing Author:  Allison Sparshott

Integrating Oracle E-Business Suite with Oracle Access Manager using Oracle E-Business Suite AccessGate for single sign-on requires the execution of a number of integration steps. The steps can be rather time consuming to perform and tedious to execute manually.

We are pleased to announce that Oracle E-Business Suite Release 12 (12.1.3+) can now be integrated with Oracle Access Manager 11g Release 2 (11.1.2.3.0) using new scripts to facilitate and automate the required integration steps.

The new integration automation scripts can be used to perform a number of the steps that previously needed to be executed manually. The following can be performed when using the integration automation scripts:

  • Configuring Oracle Access Manager WebGate
  • Deploying Oracle E-Business Suite AccessGate
  • Registering Oracle E-Business Suite with Oracle Access Manager.

For information on how to use the automation scripts to integrate Oracle E-Business Suite Release 12 (12.1.3+) with Oracle Access Manager 11gR2 (11.1.2), refer to the following My Oracle Support document:

Platforms Certified

The Oracle E-Business Suite AccessGate Java application is certified to run on any operating system for which Oracle WebLogic Server 11g is certified.  You may refer to the Oracle Fusion Middleware Release 11g (11.1.1.x) Certification Matrix for more details.

For information on supported platforms for Oracle Access Manager 11gR2 and its components, you may refer to the Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0) Certification Matrix.

Integration with Oracle Access Manager involves components spanning several different suites of Oracle products. There are no restrictions on which platform any particular component may be installed so long as the platform is supported for that component.

Note:  Microsoft Windows is not currently certified with the integration automation scripts.

References

You may refer to the following My Oracle Support Knowledge Documents for additional details regarding certified architectures and versions:

Related Articles

Friday Dec 11, 2015

Oracle Unified Directory 11.1.2.3 Certified with EBS 12.2

Oracle Unified Directory 11gR2 Patchset 3 (11.1.2.3) is now certified with E-Business Suite 12.2.  Oracle Unified Directory can be used when enabling single sign-on capabilities for the E-Business Suite via Oracle Access Manager 11gR2.

This certification also includes Directory Integration Platform 11gR1 Patchset 7 (11.1.1.9), which is used to synchronize users between OUD and the E-Business Suite.  

See:

How does this relate to Oracle Internet Directory?

EBS 12.2 users now have the option of using either Oracle Internet Directory or Oracle Unified Directory when enabling single sign-on in their environments. 

Which one should I use?

From the perspective on an E-Business Suite end-user, both directories offer the same functionality, namely, end-users can log on to the E-Business Suite.  The choice really depends upon your user directory administrators.  You should use the one that meets your user administration requirements the best.

Here are the options.  If you're:

  • Running EBS 12.1, you can only use Oracle Internet Directory
  • Running EBS 12.2: you can use Oracle Internet Directory or Oracle Unified Directory

Do I need to switch from OID to OUD?

No.  You can continue to use Oracle Internet Directory with EBS 12.1 and 12.2.  There is no need to switch from Oracle Internet Directory to Oracle Unified Directory.

Can I eliminate both OID and OUD?

No.  When integrating E-Business Suite with Oracle Access Manager, EBS has hardcoded dependencies that require either OID or OUD.  You must have one of these two directories.

This article discusses OID but applies equally to OUD now.  The same technical dependencies exist for Oracle Unified Directory and Oracle Internet Directory when integrating the E-Business Suite with Oracle Access Manager. 

Certified Platforms

Oracle Unified Directory is certified to run on any operating system for which Oracle WebLogic Server 11g is certified. For information on operating systems supported by Oracle WebLogic Server 11g and Oracle Unified Directory, refer to the 'Oracle Fusion Middleware on WebLogic Server - System Certification' in the Oracle Fusion Middleware 11g Release 1 (11.1.1.x) Certification Matrix.

Integration with Oracle Unified Directory involves components spanning several different suites of Oracle products. There are no restrictions on which platform any particular component may be installed so long as the platform is supported for that component. 

Related Articles


Thursday Nov 26, 2015

SHA-2 PKI Certificates Certified with EBS 12.1.3 on Windows

As a follow-up to a prior announcement, SHA-2 signed PKI certificates are now certified for inbound connections to the Oracle HTTP Server (OHS) delivered with Oracle E-Business Suite 12.1.3 on Windows.  

As published in a prior blog article, SHA-2 signed PKI certificates are already certified for outbound connections from Oracle E-Business Suite 12.1.3.

Required Steps

If you are enabling SSL/TLS for the first time for Oracle E-Business Suite 12.1.3, refer to the following for all prerequisite requirements and post steps:

Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 3 (Note 376700.1)

If you have already enabled SSL or TLS and are updating to a SHA-2 signed PKI certificate with the OHS for Oracle E-Business Suite 12.1.3, refer to the following for all prerequisite requirements and post steps:

Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 11 (Note 376700.1)

Overview of the Requirements

The following is a summary of the requirements for deploying a SHA-2 signed PKI certificate for inbound connections to the OHS for Oracle E-Business Suite 12.1.3 include the following:

  • Update OPatch

If you have not already updated to the OPatch 9i, 10.1 version 1.0.0.0.63 or later, download and install it. For the latest OPatch information, refer to the following:

OPatch for Oracle Application Server 10g (10.1.2, 10.1.3, 10.1.4), (Note 283367.1)
  • Apply the minimum required patch level for the Oracle Fusion Middleware 10.1.3 Oracle Home

The minimum requirement is to upgrade the Oracle Fusion Middleware 10.1.3 Oracle Home to 10.1.3.5 per the following:

Upgrading to the Latest OracleAS 10g 10.1.3.x Patch Set in Oracle E-Business Suite Release 12 (Note 454811.1)

  • Apply the October 2015 CPU to the Oracle Fusion Middleware 10.1.3 Oracle Home

The minimum CPU requirement for the Oracle Fusion Middleware 10.1.3.5 is the October 2015 CPU level (Patch 21845960) per the following:

Oracle E-Business Suite Releases 11i and 12 Critical Patch Update Knowledge Document (October 2015) (Note 2051000.1)

Note: Testing is performed with all CPU patches applied across the technology stack components and the Oracle E-Business Suite. It is possible to apply the October 2015 CPU (Patch 21845960) to FMW 10g without applying the Oracle E-Business Suite October 2015 CPU or Oracle Database October 2015 CPU/PSU; however, we recommend that customers apply the latest CPU across all technology stack components and the Oracle E-Business Suite.

  • Apply platform-related patch to the Oracle Fusion Middleware 10.1.3 Oracle Home

For Windows, apply patch 22251660 to the Oracle Fusion Middleware 10.1.3.5 Oracle Home.

  • Perform all necessary post steps.

Post steps include generating the CSR to obtain the SHA-2 signed PKI certificate from your certificate authority (CA). Once you have the certificate, you will import it using Oracle Wallet.

Refer to the appropriate section in the following My Oracle Support note for the complete list of post-steps for your environment:

Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 11 (Note 376700.1)

Pending Platform Certifications

None. All platforms are now certified.

References

Related Articles

Monday Nov 23, 2015

SHA-2 PKI Certificates Certified with EBS 12.1.3 on AIX and Itanium

As a follow-up to a prior announcement, SHA-2 signed PKI certificates are now certified for inbound connections to the Oracle HTTP Server (OHS) delivered with Oracle E-Business Suite 12.1.3 on AIX and Itanium.  

As published in a prior blog article, SHA-2 signed PKI certificates are already certified for outbound connections from Oracle E-Business Suite 12.1.3.

Required Steps

If you are enabling SSL/TLS for the first time for Oracle E-Business Suite 12.1.3, refer to the following for all prerequisite requirements and post steps:

Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 3 (Note 376700.1)

If you have already enabled SSL or TLS and are updating to a SHA-2 signed PKI certificate with the OHS for Oracle E-Business Suite 12.1.3, refer to the following for all prerequisite requirements and post steps:

Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 11 (Note 376700.1)

Overview of the Requirements

The following is a summary of the requirements for deploying a SHA-2 signed PKI certificate for inbound connections to the OHS for Oracle E-Business Suite 12.1.3 include the following:

  • Update OPatch

If you have not already updated to the OPatch 9i, 10.1 version 1.0.0.0.63 or later, download and install it. For the latest OPatch information, refer to the following:

OPatch for Oracle Application Server 10g (10.1.2, 10.1.3, 10.1.4), (Note 283367.1)
  • Apply the minimum required patch level for the Oracle Fusion Middleware 10.1.3 Oracle Home

The minimum requirement is to upgrade the Oracle Fusion Middleware 10.1.3 Oracle Home to 10.1.3.5 per the following:

Upgrading to the Latest OracleAS 10g 10.1.3.x Patch Set in Oracle E-Business Suite Release 12 (Note 454811.1)

  • Apply the October 2015 CPU to the Oracle Fusion Middleware 10.1.3 Oracle Home

The minimum CPU requirement for the Oracle Fusion Middleware 10.1.3.5 is the October 2015 CPU level (Patch 21845960) per the following:

Oracle E-Business Suite Releases 11i and 12 Critical Patch Update Knowledge Document (October 2015) (Note 2051000.1)

Note: Testing is performed with all CPU patches applied across the technology stack components and the Oracle E-Business Suite. It is possible to apply the October 2015 CPU (Patch 21845960) to FMW 10g without applying the Oracle E-Business Suite October 2015 CPU or Oracle Database October 2015 CPU/PSU; however, we recommend that customers apply the latest CPU across all technology stack components and the Oracle E-Business Suite.

  • Apply platform-related patch to the Oracle Fusion Middleware 10.1.3 Oracle Home

For AIX and HP Itanium, apply patch 21948197 to the Oracle Fusion Middleware 10.1.3.5 Oracle Home.

  • Perform all necessary post steps.

Post steps include generating the CSR to obtain the SHA-2 signed PKI certificate from your certificate authority (CA). Once you have the certificate, you will import it using Oracle Wallet.

Refer to the appropriate section in the following My Oracle Support note for the complete list of post-steps for your environment:

Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 11 (Note 376700.1)

Pending Platform Certifications

There will be an additional patch required on top of the FMW 10g Oracle Home October 2015 CPU for Windows. The required patch is currently in development.

Oracle's revenue recognition policy prohibits us from providing time lines and dates for future certifications and releases. Please monitor this blog for the latest in certification announcements.

Related Articles

References

The preceding is intended to outline our general product direction.  It is intended for information purposes only, and may not be incorporated into any contract.   It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision.  The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

Thursday Nov 12, 2015

Quarterly EBS Upgrade Recommendations: November 2015 Edition

We've previously provided advice on the general priorities for applying EBS updates and creating a comprehensive maintenance strategy.   

Here are our latest upgrade recommendations for E-Business Suite updates and technology stack components.  These quarterly recommendations are based upon the latest updates to Oracle's product strategies, latest support timelines, and newly-certified releases

You can research these yourself using this Note:

Upgrade Recommendations for November 2015

  1. EBS 11i users should upgrade to 12.1.3 or 12.2.  Before upgrading, 11i users should be on the minimum 11i patching baseline.

  2. EBS 12.0 users should upgrade to 12.1.3 or 12.2.  Before upgrading, 12.0 users should be on the minimum 12.0 patching baseline.

  3. EBS 12.1 users should upgrade to 12.1.3 RPC4 or 12.2.  Before upgrading, 12.1 users should be on the minimum minimum 12.1 patching baseline.

  4. EBS 12.2 users should upgrade to EBS 12.2.5, Database 11.2.0.4 or 12.1.0.2, the October 2015 AD/TXK tools, StartCD 50, and FMW 11.1.1.9.

  5. Users staying on EBS 11i and 12.1 should upgrade to Database 11.2.0.4 or 12.1.0.2.

  6. EBS 11i and 12 users of Oracle Single Sign-On 10g users should migrate to OAM 11gR2 Patchset 3 11.1.2.3.0.

  7. Oracle Internet Directory users should upgrade to Oracle Internet Directory 11g 11.1.1.9.

  8. Oracle Discoverer users should migrate to Oracle Business Intelligence Enterprise Edition (OBIEE), Oracle Business Intelligence Applications (OBIA), or Discoverer 11g 11.1.1.7.

  9. Oracle Portal 10g users should migrate to Oracle WebCenter 11g 11.1.1.9 or upgrade to Portal 11g 11.1.1.6.

  10. All Windows desktop users should migrate from older Java releases (including JInitiator) to JRE 1.6.0_105 or later 1.6 updates or JRE 1.7.0_91 or later 1.7 updates or JRE 1.8.0_65 or later 1.8 updates.

  11. All EBS 11i, 12.0, 12.1, and 12.2 users must sign their environment's JAR files now.

  12. All Firefox users should upgrade to Firefox Extended Support Release 38.

  13. All EBS 11i, 12.0, 12.1, 12.2 users should apply the October 2015 Critical Patch Update.

  14. Windows XP and Office 2003 users should upgrade to later versions.

  15. All EBS customers on Exalogic and Exadata should follow the latest recommendations.

  16. All EBS customers should switch from Secure Socket Layer (SSL) to Transport Layer Security (TLS).

  17. EBS 12.1 users should switch their PKI certificates to SHA-2.

Related Articles

Tuesday Oct 20, 2015

SHA-2 Signed PKI Certificates Certified with EBS 12.1.3

I'm pleased to announce that SHA-2 signed PKI certificates are now certified for inbound connections to the Oracle HTTP Server (OHS) delivered with Oracle E-Business Suite 12.1.3.

As published in a prior blog article, SHA-2 signed PKI certificates are already certified for outbound connections from Oracle E-Business Suite 12.1.3.

Required Steps

If you are enabling SSL/TLS for the first time for Oracle E-Business Suite 12.1.3, refer to the following for all prerequisite requirements and post steps:

Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 3 (Note 376700.1)

If you have already enabled SSL or TLS and are updating to a SHA-2 signed PKI certificate with the OHS for Oracle E-Business Suite 12.1.3, refer to the following for all prerequisite requirements and post steps:

Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 11 (Note 376700.1)

Overview of the Requirements

The following is a summary of the requirements for deploying a SHA-2 signed PKI certificate for inbound connections to the OHS for Oracle E-Business Suite 12.1.3 include the following:

  • Update OPatch

If you have not already updated to the OPatch 9i, 10.1 version 1.0.0.0.63 or later, download and install it. For the latest OPatch information, refer to the following:

OPatch for Oracle Application Server 10g (10.1.2, 10.1.3, 10.1.4), (Note 283367.1)
  • Apply the minimum required patch level for the Oracle Fusion Middleware 10.1.3 Oracle Home

The minimum requirement is to upgrade the Oracle Fusion Middleware 10.1.3 Oracle Home to 10.1.3.5 per the following:

Upgrading to the Latest OracleAS 10g 10.1.3.x Patch Set in Oracle E-Business Suite Release 12 (Note 454811.1)

  • Apply the October 2015 CPU to the Oracle Fusion Middleware 10.1.3 Oracle Home

The minimum CPU requirement for the Oracle Fusion Middleware 10.1.3.5 is the October 2015 CPU level (Patch 21845960) per the following:

Oracle E-Business Suite Releases 11i and 12 Critical Patch Update Knowledge Document (October 2015) (Note 2051000.1)

Note: Testing is performed with all CPU patches applied across the technology stack components and the Oracle E-Business Suite. It is possible to apply the October 2015 CPU (Patch 21845960) to FMW 10g without applying the Oracle E-Business Suite October 2015 CPU or Oracle Database October 2015 CPU/PSU; however, we recommend that customers apply the latest CPU across all technology stack components and the Oracle E-Business Suite.

  • Perform all necessary post steps.

Post steps include generating the CSR to obtain the SHA-2 signed PKI certificate from your certificate authority (CA). Once you have the certificate, you will import it using Oracle Wallet.

Refer to the appropriate section in the following My Oracle Support note for the complete list of post-steps for your environment:

Enabling SSL/TLS in Oracle E-Business Suite Release 12, Section 11 (Note 376700.1)

Pending Platform Certifications

For AIX, HP Itanium and Windows, there will be an additional patch required on top of the FMW 10g Oracle Home October 2015 CPU. The required patch is currently in development.

Oracle's revenue recognition policy prohibits us from providing time lines and dates for future certifications and releases. Please monitor this blog for the latest in certification announcements.

Related Articles

References

Friday Jul 24, 2015

Quarterly EBS Upgrade Recommendations: July 2015 Edition

We've previously provided advice on the general priorities for applying EBS updates and creating a comprehensive maintenance strategy.   

Here are our latest upgrade recommendations for E-Business Suite updates and technology stack components.  These quarterly recommendations are based upon the latest updates to Oracle's product strategies, latest support timelines, and newly-certified releases

You can research these yourself using this Note:

Upgrade Recommendations for July 2015

  1. EBS 11i users should upgrade to 12.1.3 or 12.2.  Before upgrading, 11i users should be on the minimum 11i patching baseline.

  2. EBS 12.0 users should upgrade to 12.1.3 or 12.2.  Before upgrading, 12.0 users should be on the minimum 12.0 patching baseline.

  3. EBS 12.1 users should upgrade to 12.1.3 RPC3 or 12.2.

  4. EBS 12.2 users should upgrade to EBS 12.2.4, Database 11.2.0.4 or 12.1.0.2, the March 2015 AD/TXK tools, StartCD 49, and FMW 11.1.1.7.

  5. Users staying on EBS 11i and 12.1 should upgrade to Database 11.2.0.4 or 12.1.0.2.

  6. EBS 11i and 12 users of Oracle Single Sign-On 10g users should migrate to OAM 11gR2 Patchset 3 11.1.2.3.0.

  7. Oracle Internet Directory 10g users should upgrade to Oracle Internet Directory 11g 11.1.1.9.

  8. Oracle Discoverer users should migrate to Oracle Business Intelligence Enterprise Edition (OBIEE), Oracle Business Intelligence Applications (OBIA), or Discoverer 11g 11.1.1.7.

  9. Oracle Portal 10g users should migrate to Oracle WebCenter 11g 11.1.1.7 or upgrade to Portal 11g 11.1.1.6.

  10. All Windows desktop users should migrate from older Java releases (including JInitiator) to JRE 1.6.0_101 or later 1.6 updates or JRE 1.7.0_85 or later 1.7 updates or JRE 1.8.0_51 or later 1.8 updates.

  11. All EBS 11i, 12.0, 12.1, and 12.2 users must sign their environment's JAR files now.

  12. All Firefox users should upgrade to Firefox Extended Support Release 38.

  13. All EBS 11i, 12.0, 12.1, 12.2 users should apply the July 2015 Critical Patch Update.

  14. Windows XP and Office 2003 users should upgrade to later versions.

  15. All EBS customers on Exalogic and Exadata should follow the latest recommendations.

  16. All EBS customers should switch from Secure Socket Layer (SSL) to Transport Layer Security (TLS).

Related Articles

Friday Jul 17, 2015

Oracle Access Manager 11.1.2.3 Certified with E-Business Suite

I am pleased to announce that Oracle Access Manager 11gR2 Patchset 3 (11.1.2.3.0) is now certified with Oracle E-Business Suite Release 11i (11.5.10.2) and 12 (12.1.3+, 12.2.2+).  If you are implementing single sign-on for the first time, or are an existing Oracle Access Manager user, you may integrate with Oracle Access Manager 11gR2 using Oracle Access Manager WebGate and Oracle E-Business Suite AccessGate.


Platforms Certified

The Oracle E-Business Suite AccessGate Java application is certified to run on any operating system for which Oracle WebLogic Server 11g is certified.  You may refer to the Oracle Fusion Middleware Release 11g (11.1.1.x) Certification Matrix for more details.

For information on supported platforms for Oracle Access Manager 11gR2 and its components, you may refer to the Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0) Certification Matrix.

Integration with Oracle Access Manager involves components spanning several different suites of Oracle products. There are no restrictions on which platform any particular component may be installed so long as the platform is supported for that component.

Choosing the Right Integration

Our previously published blog article and support note with single sign-on recommended and certified integration paths has been updated to include Oracle Access Manager 11gR2PS2:

References

You may refer to the following My Oracle Support Knowledge Documents for additional details regarding certified architectures and versions:

Related Articles

Wednesday Jul 15, 2015

Critical Patch Update for July 2015 Now Available

The  Critical Patch Update (CPU) for July 2015 was released on July 14, 2015.  Oracle strongly recommends applying the patches as soon as possible.

The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.

Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied.

Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information.

The Critical Patch Update Advisory is available at the following location:

The next four Critical Patch Update release dates are:

  • October 20, 2015
  • January 19, 2016
  • April 19, 2016
  • July 19, 2016
E-Business Suite Releases 11i and 12 Reference

Tuesday Jun 23, 2015

Using a Reverse Proxy as an SSL/TLS Termination Point for EBS 12.1.3

[Contributing Author:  Madhu Majari]

We are currently working on the certification of SHA-2 with the Oracle HTTP Server (OHS) delivered with Oracle E-Business Suite 12.1.3.  As described in this blog article, a reverse proxy or load balancer can be used until that certification is available.  You can use a reverse proxy or load balancer as the end-point for the encrypted connection that is initiated by a client (for example, a browser). In other words, the reverse proxy or load balancer -- not Oracle HTTP Server -- acts as the TLS termination point.

Since that article was published, many customers have requested that we certify a reverse proxy for use as the TLS termination point with Oracle E-Business Suite Release 12.1. I’m pleased to announce that we have completed the certification of HAProxy 1.5.2 with Oracle E-Business Suite 12.1.3. HAProxy is an open source offering that provides load balancing and proxy solutions.

The certification of HAProxy 1.5.2 with Oracle E-Business Suite 12.1.3 provides the following configuration options:

  • Certificates signed with SHA-2 for inbound HTTP connections
  • TLS 1.2 with stronger cipher suites

Note: There are many reverse proxies and load balancers that can be used as an TLS termination point for Oracle E-Business Suite. If you already have a reverse proxy or load balancer deployed you may configure it as the TLS termination point for your Oracle E-Business Suite 12.1.3 environment. 

Deploying and Configuring HAProxy

For detailed installation instructions, refer to the following My Oracle Support Knowledge Document:

You may deploy HAProxy as follows:

  • On an existing Oracle E-Business Suite application tier
  • On a separate server or virtual machine

HAProxy is available as an installable RPM package as part of the Oracle Linux distribution. You can also download HAProxy and compile it for other operating systems (refer to the installation note for more details). On Oracle Linux you may install it as the root user with the following command: 

#yum install haproxy

The main configuration file is located here:

/etc/haproxy/haproxy.cfg

A summary of the configuration steps for HAProxy includes the following:

  • Define the IP address and and port for the Oracle E-Business Suite 12.1.3 environment.
  • Setup TLS protocols and avoid SSL 3.0. (This will the mitigate POODLE vulnerability.)
  • Enable strong cipher suites. (This will mitigate the FREAK vulnerability.)
  • Define the certificate (chain) with PEM files.
Example Deployment of HAProxy with Oracle E-Business Suite 12.1.3

If you have an existing Oracle E-Business Suite 12.1.3 environment configured with SSL/TLS per Enabling SSL in Oracle E-Business Suite Release 12 (Note 376700.1), then you may easily configure HAProxy to serve as the TLS termination point.

For example, given the following conditions for your Oracle E-Business Suite Oracle HTTP Server listener configuration:

  1. HTTP requests use port 8000
  2. HTTPS requests use port 4443


 Then, you may perform the following:

  1. Shutdown the Oracle HTTP Server HTTPS listener (port 4443)
  2. Install, configure and start HAProxy to listen on port 4443

Related Articles

References

Wednesday Apr 22, 2015

Quarterly EBS Upgrade Recommendations: April 2015 Edition

We've previously provided advice on the general priorities for applying EBS updates and creating a comprehensive maintenance strategy.   

Here are our latest upgrade recommendations for E-Business Suite updates and technology stack components.  These quarterly recommendations are based upon the latest updates to Oracle's product strategies, latest support timelines, and newly-certified releases

You can research these yourself using this Note:

Upgrade Recommendations for April 2015

  1. EBS 11i users should upgrade to 12.1.3 or 12.2.  Before upgrading, 11i users should be on the minimum 11i patching baseline.

  2. EBS 12.0 users should upgrade to 12.1.3 or 12.2.  Before upgrading, 12.0 users should be on the minimum 12.0 patching baseline.

  3. EBS 12.1 users should upgrade to 12.1.3 RPC3 or 12.2.

  4. EBS 12.2 users should upgrade to 12.2.4, the March 2015 AD/TXK tools, StartCD 49, and FMW 11.1.1.7.

  5. Users staying on EBS 11i and 12.1 should upgrade to Database 11.2.0.4 or 12.1.0.2.

  6. Users upgrading to EBS 12.2 should upgrade to Database 11.2.0.4.

  7. EBS 11i and 12 users of Oracle Single Sign-On 10g users should migrate to OAM 11gR2 Patchset 2 11.1.2.2.0.

  8. Oracle Internet Directory 10g users should upgrade to Oracle Internet Directory 11g 11.1.1.7.

  9. Oracle Discoverer users should migrate to Oracle Business Intelligence Enterprise Edition (OBIEE), Oracle Business Intelligence Applications (OBIA), or Discoverer 11g 11.1.1.7.

  10. Oracle Portal 10g users should migrate to Oracle WebCenter 11g 11.1.1.7 or upgrade to Portal 11g 11.1.1.6.

  11. All Windows desktop users should migrate from JInitiator and older Java releases to JRE 1.6.0_95 or later 1.6 updates or JRE 1.7.0_79 or later 1.7 updates or JRE 1.8.0_45 or later 1.8 updates.

  12. All EBS 11i, 12.0, 12.1, and 12.2 users must sign their environment's JAR files now.

  13. All Firefox users should upgrade to Firefox Extended Support Release 31.

  14. All EBS 11i, 12.0, 12.1, 12.2 users should apply the April 2015 Critical Patch Update.

  15. Windows XP and Office 2003 users should upgrade to later versions.

  16. All EBS customers on Exalogic and Exadata should follow the latest recommendations.

  17. All EBS customers should switch from Secure Socket Layer (SSL) to Transport Layer Security (TLS).

Related Articles

Wednesday Apr 15, 2015

Critical Patch Update for April 2015 Now Available

The  Critical Patch Update (CPU) for April 2015 was released on April 14, 2015.  Oracle strongly recommends applying the patches as soon as possible.

The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.

Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied.

Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information.

The Critical Patch Update Advisory is available at the following location:

The next four Critical Patch Update release dates are:

  • July 14, 2015
  • October 20, 2015
  • January 19, 2016
  • April 19, 2016
E-Business Suite Releases 11i and 12 Reference

Thursday Feb 12, 2015

Database 12.1.0.2 Certified with E-Business Suite 11i

[Sep. 30, 2015 Update: Moved "Data Guard Redo Apply with Physical Standby Database" to the "Certifications Not Planned" section]

I’m pleased to announce that 12.1.0.2, the first patchset for Database 12c is now certified with Oracle E-Business Suite 11i. Be sure to review the 11i interoperability note.

Database support implications may also be reviewed in the database patching and support article. 

Screenshot of Database 12.1.0.2 OTN download page

Oracle E-Business Suite Release 11i

Prerequisites
  • 11.5.10.2 + ATG PF.H RUP 7 and higher

Certified Platforms

  • Linux x86-64 (Oracle Linux 5) -- Database-tier only
  • Linux x86-64 (RHEL 5) -- Database-tier only
  • Oracle Solaris on SPARC (64-bit) (10)
  • Oracle Solaris on x86-64 (64-bit) (10) -- Database-tier only

Pending Platform Certifications

  • IBM AIX on Power Systems (64-bit)
  • HP-UX Itanium
  • IBM: Linux on System z 

Database Feature and Option Certifications
The following database options and features are supported for use:

Certifications Not Planned

  • Active Data Guard
  • Oracle Multitenant
  • Oracle In Memory Database
  • Oracle Database Vault
  • Transportable Database and Transportable Tablespaces data migration processes
  • Data Guard Redo Apply with Physical Standby Databases

About the pending certifications

Oracle's Revenue Recognition rules prohibit us from discussing certification and release dates, but you're welcome to monitor or subscribe to this blog for updates, which I'll post as soon as soon as they're available.   

EBS 11i References

Related Articles


Thursday Jan 22, 2015

Using SHA-2 Signed Certificates with EBS

Secure Hash Algorithms (SHA) are used for a variety of cryptographic purposes including signing of public key infrastructure (PKI) certificates (e.g., code signing cerificates and Secure Socket Layer (SSL) or Transport Layer Security (TLS) server certificates). Currently, the SHA family of functions include SHA-0, SHA-1, SHA-2 and SHA-3. This article and reference notes focus on the use of the SHA256 hash function of SHA-2 with Oracle E-Business Suite.

Why is SHA-2 important to you?

Industry standards for encryption algorithms are constantly under review. Many certificate authorities are recommending or mandating SHA-2 as the minumum signature algorithm for issuing certificates. The time frame for moving to SHA-2 varies depending upon the certificate authority that is used. The requirement for SHA-2 also impacts intermediate certificates which must also be SHA2 in order to chain back to the end-entity SHA-2 certificate issued. Root certificates are not impacted.

When does Oracle E-Business Suite use certificates?

1. HTTPS clients (outbound connections)
HTTPS client connections that originate from Oracle E-Business Suite. For HTTPS clients, you may need to apply product patches to use SHA-2 certificates. Currently, the following products have identified additional requirements to support SHA-2 for HTTPS clients:

  • XML Gateway
    Follow the instructions in the patch README and apply the following patch: 19909850
  • iProcurement
    Follow the instructions for iProcurement in My Oracle Support Note 1937220.1.

In addition to products that initiate outbound connections from java code on the application tier, the Oracle Database may also act as an HTTP client when the UTL_HTTP package is utilized. Some Oracle E-Business Suite products leverage UTL_HTTP for outbound HTTPS connections. You may also use UTL_HTTP for external integrations and customizations.

For the Oracle Database to utilize a PKI (including SHA-2 signed) certificate, SSL/TLS for outgoing connections database connections must be configured.  Our testing in Oracle E-Business Suite development has confirmed that UTL_HTTP is SHA-2 compliant as of Oracle Database 11.1.0.7 (we have not tested with earlier database versions).The steps for enabling and testing SSL/TLS configuration for the Oracle Database are documented in the following:

2. Server Side
In addition to client side (outbound connections), the Oracle E-Business Suite application tier utilizes PKI certificates for code signing by AD Jar Signing and for the (inbound) SSL/TLS termination point using the Oracle HTTP Server.

AD JAR Signing
During patching, Oracle E-Business Suite uses certificates to sign JARs that will be delivered to the browser. As of Java 1.5, Java and its utilities keytool and jarsigner supports SHA-2 certificates. SHA-2 certificates are certified for JAR signing for all versions of Oracle E-Business Suite (11i, 12.0, 12.1 and 12.2) and Java 1.5 and higher.

Oracle HTTP Server (inbound connections)
SHA-2 certificates are also used by the Oracle HTTP server that is delivered with the Oracle E-Business Suite Applications Technology. The requirements for SHA-2 for the Oracle HTTP Server vary per Oracle E-Business Suite version as follows:

  • Oracle E-Business Suite Release 12.2
    SHA-2 certificates are certified with the Oracle HTTP Server delivered with Oracle E-Business Suite 12.2. The wallet management tools that are shipped with EBS 12.2 generate Certificate Signing Requests (CSRs) signed using MD5. The following note has been updated with the steps necessary to create CSRs signed with other algorithms including SHA-2:
  • Oracle E-Business Suite Releases 12.0 and 12.1
    We are currently working on the certification of SHA-2 certificates with the Oracle HTTP Server for Oracle E-Business Suite Release 12.0 and 12.1. As an option while we are working on this certification, you may use an alternate technology (ie, a load balancer, reverse proxy, etc) that supports SHA-2 as the SSL/TLS termination point. Another alternative is to request that your certificate authority issue a SHA-1 certificate.

  • Oracle E-Business Suite Release 11i
    SHA-2 certificates are certified with Oracle E-Business Suite Release 11i when using mod_ssl.so OpenSSL library version 0.98za or later.  To get the minimum mod_ssl.sl library required for EBS 11i and SHA-2, you must apply the July 2014 CPU. Note: We always recommend that you apply the most current CPU available to your environment. You may refer to the following note for additional details:

Related Articles

References

Tuesday Jan 20, 2015

Critical Patch Update for January 2015 Now Available

The  Critical Patch Update (CPU) for January 2015 was released on January 20, 2015.  Oracle strongly recommends applying the patches as soon as possible.

The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.

Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied.

Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information.

The Critical Patch Update Advisory is available at the following location:

The next four Critical Patch Update release dates are:

  • April 14, 2015
  • July 14, 2015
  • October 20, 2015
  • January 19, 2016
E-Business Suite Releases 11i and 12 Reference

Thursday Jan 08, 2015

Database 12.1.0.2 Certified with E-Business Suite 12.2

I’m pleased to announce that 12.1.0.2, the first patchset for the 12c Database, is now certified with E-Business Suite 12.2.2 and higher. 

Database support implications may also be reviewed in this database patching and support article.

Oracle E-Business Suite Release 12.2.x
Certified Platforms
  • Linux x86-64 (Oracle Linux 5, 6)
  • Linux x86-64 (RHEL 5, 6)
  • Linux x86-64 (SLES 11)
  • Oracle Solaris on SPARC (64-bit) (10, 11) 
  • Oracle Solaris on x86-64 (10, 11)*
*This is a 'database tier only' or 'split tier configuration' certification where the application tier must be on a fully certified E-Business Suite platform.
Pending Platform Certifications
  • Microsoft Windows x64 (64-bit) 
  • IBM AIX on Power Systems (64-bit)
  • HP-UX Itanium
  • IBM: Linux on System z 
Database Feature and Option Certifications
The following database options and features are supported for use:

Pending Feature/Option Certifications

  • Oracle Multitenant
  • Oracle Database Vault
  • TDE Tablespace Encryption
  • Transportable Database and Transportable Tablespaces data migration processes

About the pending certifications

Oracle's Revenue Recognition rules prohibit us from discussing certification and release dates, but you're welcome to monitor or subscribe to this blog for updates, which will be posted as soon as soon as they're available.  

EBS 12.2 References

Related Articles
The preceding is intended to outline our general product direction.  It is intended for information purposes only, and may not be incorporated into any contract.   It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision.  The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.

Monday Jan 05, 2015

Enhance E-Business Suite Security By Switching to TLS

It seems fitting to start 2015 with a security-related blog post about Secure Socket Layer (SSL) and Transport Layer Security (TLS).  TLS is the successor to SSL. TLS, like SSL, is a protocol that encrypts traffic between applications and servers. TLS is based on SSL 3.0. TLS 1.0 is sometimes referred to as SSL 3.1. Going forward you will hear us talk more about TLS and less about SSL.

TLS is considered to be more secure than SSL.  All systems that use SSL 3.0 may be vulnerable to a design vulnerability in SSL’s handling of block cipher mode padding.  The Padding Oracle on Downgraded Legacy Encryption (POODLE) attack is one possible attack vector for web browsers and web servers.

Oracle E-Business Suite customers can migrate to TLS and mitigate the effects of POODLE attacks by following:

Happy 2015!

.Related Articles

References

Tuesday Dec 16, 2014

Updated: Using Third-Party Identity Managers with E-Business Suite Release 12

This article is an updated version of two earlier articles: one written for EBS 11i + SSO + OID, and another written for EBS 12 + SSO + OID.  Oracle Single Sign-On has been superceded by Oracle Access Manager (OAM).  This latest article covers the latest options for using EBS Release 12.x (12.0, 12.1, and 12.2) and Oracle Access Manager with third-party authentication systems.

Like most of our customers, you probably already have a corporate identity management system in place. And, you've probably not been enjoying the experience of redundantly administering the same user in your corporate identity management system as well as the E-Business Suite. If this describes your environment, this in-depth article about integrating Oracle E-Business Suite Release 12, Oracle Access Manager, and Oracle Internet Directory with third-party identity management systems will show you a better way of managing your EBS users.

No More Redundant User Administration

It is possible to integrate the E-Business Suite with existing third-party LDAP and single sign-on solutions via Oracle Internet Directory and Oracle Access Manager and Oracle Internet Directory, respectively:

Architecture diagram EBS + Oracle Access Manager + OID + third party ldap

Third-party single sign-on solutions can be integrated with Oracle Access Manager, and third-party LDAP directories can be integrated with Oracle Internet Directory. Oracle Access Manager and Oracle Internet Directory are integrated, in turn, with the E-Business Suite.

Example Scenario: The Deluxe "Zero Sign-On" Approach

A user logs on their PC using their Windows userid and password. The user decides to file an expense report for attending the OpenWorld conference. He starts Internet Explorer, opens Favorites, and selects a bookmarked link for the E-Business Suite's Self-Service Expenses.  Self-Service Expenses starts and the user begins the entering their expense report.

We sometimes call this "zero sign-on" because the user never actually logged on to any Oracle systems at all; the user's Windows Kerberos ticket from the Windows Primary Domain Controller (PDC) gave him access to the E-Business Suite automatically.

Magic? What Really Happened?

Brace yourself: some of the following material might require a couple of passes to sink in.

The "deluxe" scenario above illustrates the following integrations:

  • Microsoft Active Directory with Oracle Internet Directory
  • Microsoft Kerberos Authentication with Oracle Access Manager
  • Oracle Access Manager and Oracle Internet Directory integration with the E-Business Suite

Microsoft Active Directory MSAD integration with EBS and Windows Kerberos

The user logged on to their PC, which authenticated them against Microsoft Active Directory. As part of that logon process, the Windows Primary Domain Controller (PDC) issued a valid Kerberos ticket to the user.

When the user attempted to access Self-Service Expenses via his bookmarked link, he was redirected to Oracle Access Manager. Oracle Access Manager checked the user's credentials against the Windows Key Domain Controller (KDC), issued its own Oracle security tokens to the user, and redirected the user back to the E-Business Suite.

The E-Business Suite recognized the Oracle Access Manager security tokens and looked up the user's assigned Applications Responsibilities to ensure that he was authorized to access Self-Service Expenses. That done, it issued its own E-Business Suite security tokens and then passed the user through to Self-Service Expenses without requiring any additional logons.

Integration with Microsoft Active Directory Only

Not everyone uses Microsoft Kerberos Authentication. A simpler integration option omits Kerberos and includes only Microsoft Active Directory and Oracle Internet Directory, like this:

Microsoft Active Directory MSAD integration with EBS

In this simpler architecture, when the user attempts to access Self-Service Expenses via his bookmarked link, he's redirected to Oracle Access Manager. Oracle Access Manager displays a login screen and collects the user's ID and password.

Oracle Access Manager passes the user's credentials to Oracle Internet Directory.  Oracle Internet Directory uses the Microsoft Active Directory External Authentication Plug-In to pass the user's credentials to Microsoft Active Directory.

Microsoft Active Directory looks up the user's ID and password in its database, and informs Oracle Internet Directory that this is an authenticated user. Oracle Internet Directory informs Oracle Access Manager that the user was successfully authenticated.

Oracle Access Manager issues the user a set of security tokens and redirects the user to the E-Business Suite. The E-Business Suite recognizes the Oracle Access Manager security tokens and looks up the user's assigned Applications Responsibilities to ensure that he's authorized to access Self-Service Expenses. That done, it issues its own E-Business Suite security tokens and then passes the user through to Self-Service Expenses.

Synchronization of User Credentials with Third-Party LDAP Directories

If you've been paying close attention so far, you have gathered that user credentials need to be synchronized between the third-party LDAP, Oracle Internet Directory, and the E-Business Suite. The synchronization architecture looks like this:

Architecture diagram third-party LDAP directory integration with EBS

In this configuration, only the user name needs to be synchronized; the user's password is stored in the third-party LDAP directory. None of the Oracle products need to store the user's password, since they delegate user authentication to the third-party LDAP solutions.

Architecture diagram showing how passwords are stored in third-party LDAPs and not Oracle Internet Directory or E-Business Suite

The key concept here is that user authentication is still separated from user authorization even when a third-party LDAP is in place.

Architecture diagram distinguishing Authentication%20vs%20Authorization.png

So, the E-Business Suite still grants authenticated users access to E-Business Suite protected content based on the users' Applications Responsibilities, which are managed in the E-Business Suite exclusively.

Integration With Other Single Sign-On Solutions

It is also possible to integrate Oracle Access Manager with other single sign-on solutions, including:

  • CA Netegrity SiteMinder
  • Biometric devices like fingerprint readers
  • Smartcards
  • PKI X.509 digital certificates

When integrated with other single sign-on solutions, a chain of trust is established between the third-party, Oracle Access Manager, and the E-Business Suite. Users logging on via the third-party single sign-on solution are passed through transparently to Oracle Access Manager and the E-Business Suite.

Relax, It's Easy and Fun

Well, maybe not... but at least it's technically feasible. You might find it reassuring to note that a number of E-Business Suite customers are running this configuration in production already.

This is about as much detail as I think is appropriate for now. Feel free to post comments if you have questions about this topic.

References

For a survey of options for integrating Oracle Access Manager and Oracle Internet Directory with Oracle E-Business Suite Release 12, see:

Related Articles

Wednesday Oct 15, 2014

Critical Patch Update for October 2014 Now Available

The Critical Patch Update (CPU) for October 2014 was released on October 14, 2014.  Oracle strongly recommends applying the patches as soon as possible.

The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.

Supported products that are not listed in the "Supported Products and Components Affected" Section of the Advisory do not require new patches to be applied.

Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information.

The Critical Patch Update Advisory is available at the following location:

The next four Critical Patch Update release dates are:
  • 13 January 2015
  • 14 April 2015
  • 14 July 2015
  • 13 October 2015

E-Business Suite Releases 11i and 12 Reference

Saturday Sep 27, 2014

Database 12.1.0.2 Certified with E-Business Suite 12.1

I’m pleased to announce that 12.1.0.2, the first patchset for the 12c Database, is now certified with E-Business Suite 12.1. 

Database support implications may also be reviewed in this database patching and support article.

Oracle E-Business Suite Release 12.1.x
Certified Platforms
  • Linux x86-64 (Oracle Linux 5, 6)
  • Linux x86-64 (RHEL 5, 6)
  • Linux x86-64 (SLES 11)
  • Oracle Solaris on SPARC (64-bit) (10, 11)
Pending Platform Certifications
  • Microsoft Windows x64 (64-bit) 
  • Oracle Solaris on x86-64 (64-bit)
  • IBM AIX on Power Systems (64-bit)
  • HP-UX Itanium
  • IBM: Linux on System z 
Database Feature and Option Certifications
The following database options and features are supported for use:

Pending Feature/Option Certifications

  • Oracle Multitenant
  • Oracle Database Vault
  • Export/Import process for EBS 12.0 or 12.1 with RDBMS 12cR1 Version 12.1.0.2
  • TDE Tablespace Encryption
  • Transportable Database and Transportable Tablespaces data migration processes

About the pending certifications

Oracle's Revenue Recognition rules prohibit us from discussing certification and release dates, but you're welcome to monitor or subscribe to this blog for updates, which I'll post as soon as soon as they're available.  

EBS 12 References

    Related Articles
    The preceding is intended to outline our general product direction.  It is intended for information purposes only, and may not be incorporated into any contract.   It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision.  The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.

    Friday Sep 19, 2014

    Database 12.1.0.1 Certified with EBS 12.2

    [Oct. 7, 2014 update: Added Data Guard and Active DataGuard options to the list of pending certifications]

    I’m pleased to announce that 12.1.0.1, the base release for the 12c Database, is now certified with E-Business Suite 12.2. This expands on our previously-announced certification for EBS 11i, 12.0, and 12.1.

    Database support implications may also be reviewed in this database patching and support article.

    Oracle E-Business Suite Release 12.2.2 and higher
    Certified Platforms
    • Linux x86-64 (Oracle Linux 5, 6)
    • Linux x86-64 (RHEL 5, 6)
    • Linux x86-64 (SLES 11)
    • Oracle Solaris on SPARC (64-bit) (10, 11)
    • Oracle Solaris on x86-64 (64-bit) (10, 11) -- Database-tier only
    Pending Platform Certifications
    • Microsoft Windows x64 (64-bit)
    • IBM AIX on Power Systems (64-bit)
    • HP-UX Itanium
    • IBM: Linux on System z 
    Database Feature and Option Certifications
    The following database options and features are supported for use:

    Pending Feature/Option Certifications

    • Oracle Multitenant
    • Oracle Database Vault
    • Transportable Database and Transportable Tablespaces data migration processes
    • Oracle DataGuard
    • Oracle Active DataGuard

    About the pending certifications

    Oracle's Revenue Recognition rules prohibit us from discussing certification and release dates, but you're welcome to monitor or subscribe to this blog for updates, which I'll post as soon as soon as they're available.    

    EBS 12 References

    Related Articles
    The preceding is intended to outline our general product direction.  It is intended for information purposes only, and may not be incorporated into any contract.   It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision.  The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.

    Monday Sep 15, 2014

    Preventing "Java was blocked" IE Warnings with Oracle EBS

    Microsoft Internet Explorer (IE) started warning users about out-of-date ActiveX controls running through any security zone except the 'Local intranet' or the 'Trusted sites' zones when using IE 8 or later. Attempts to run any Java content from your desktop using older JRE releases -- releases prior to the latest Critical Patch Updates (CPU) on any JRE codeline -- through any other zone now result in a warning message. This may prevent you from accessing Java-based or Forms-based content within Oracle E-Business Suite.

    IE will not block functionality for end-users who meet any of these conditions:

    • Are running EBS through the browsers "Local Intranet" or "Trusted sites" zones
    • Have the latest Java Runtime Environment (JRE) Critical Patch Update (CPU) release on Java 6 or 7

    IE will block end-users whose desktops meet all of the following conditions:

    • Users are running the E-Business Suite in the the "Internet" zone
    • Users do not have latest Java Runtime Environment (JRE) Critical Patch Update (CPU) release on Java 6 or 7

    Affected end-users will see the following warning:

    Java(TM) was blocked because it is out of date and needs to be updated

    How do I prevent this Issue?

    OPTION 1

    Follow our documented recommendations to run Oracle E-Business Suite through the "Trusted sites" zone. 

    See the "Recommended Internet Explorer Browser Settings" section within:

    OPTION 2

    Follow Microsoft's workaround to turn this feature off:

    OPTION 3

    Upgrade to the latest JRE release. See:

    Related Articles

    Wednesday Jul 16, 2014

    Critical Patch Update for July 2014 Now Available

    The  Critical Patch Update (CPU) for July 2014 was released on July 15, 2014.  Oracle strongly recommends applying the patches as soon as possible.

    The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.

    Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied.

    Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information.

    The Critical Patch Update Advisory is available at the following location:

    The next four Critical Patch Update release dates are:

    • October 14, 2014
    • January 13, 2015
    • April 14, 2015
    • July 14, 2015
    E-Business Suite Releases 11i and 12 Reference

    Wednesday Apr 16, 2014

    Critical Patch Update for April 2014 Now Available

    The  Critical Patch Update (CPU) for April 2014 was released on April 15, 2014.  Oracle strongly recommends applying the patches as soon as possible.

    The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.

    Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied.

    Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information.

    The Critical Patch Update Advisory is available at the following location:

    The next four Critical Patch Update release dates are:

    • July 15, 2014
    • October 14, 2014
    • January 13, 2015
    • April 14, 2015
    E-Business Suite Releases 11i and 12 Reference

    Wednesday Mar 05, 2014

    Oracle Database 11.2.0.4 Certified with E-Business Suite 12.2

    I'm very happy to announce the certification of Oracle Database 11.2.0.4 with Oracle E-Business Suite 12.2. 

    To begin planning your database upgrade to 11.2.0.4, you should review our documentation in this order:

    1. Interoperability Notes: Oracle E-Business Suite 12.2 with Oracle Database 11g Release 2 (Note 1623879.1) 

    2. R12.2 Consolidated List of Patches and Technology Bug Fixes (Note 1594274.1) .  The interoperability note references this note.  It is crucial that you review all requirements in Section 2.2, "Database 11.2.0.4 Patches and Bug Numbers" of this note.

    3. Database Initialization Parameters for Oracle E-Business Suite Release 12 (Note 396009.1).  Make certain that you review Section 4, "Release-Specific Database Initialization Parameters For Oracle 11gR2" and Section 6, "Additional Database Initialization Parameters for Oracle E-Business Suite Release 12.2".

    What does this mean if you are upgrading to R12.2?

    • This upgrade is highly recommended for all EBS 12.2 environments.

    • If you are just beginning your upgrade to R12.2 project, you should consider upgrading to Oracle Database 11.2.0.4 now. 

    • If your are currently in the midst of your R12.2 upgrade, you may continue as planned with Oracle Database 11.2.0.3 and upgrade to 11.2.0.4 as your R12.2 upgrade project and test plans permit.

    • If your go-live date is soon, you may choose to continue as planned with Oracle Database 11.2.0.3 and upgrade to 11.2.0.4 after you go-live with 12.2.

    It may be useful to review the the Oracle Database 11gR2 support policies and dates as part of your decision-making process:

    Prerequisites

    • 12.2.2 and higher
    Certified Platforms
    • Linux x86-64 (Oracle Linux 5, 6)
    • Linux x86-64 (RH 5, 6)
    • Linux x86-64 (SLES 10, 11)
    • Oracle Solaris on SPARC (64-bit)  (10, 11)
    • Oracle Solaris on x86-64 (64-bit) (10, 11) -  Database tier only
    • IBM AIX on Power Systems (64-bit) (6.1, 7.1)
    • HP-UX Itanium (11.31)
    Pending Platform Certifications
    • Microsoft Windows x64 (64-bit)
    • IBM: Linux on System z 
    Database Feature and Option Certifications
    The following database features and options are certified:

    Pending Database Feature and Option Certifications

    • Database Vault

    About the pending certifications

    Oracle's Revenue Recognition rules prohibit us from discussing certification and release dates, but you're welcome to monitor or subscribe to this blog for updates, which I'll post as soon as soon as they're available.    

    References

    Related Articles
    The preceding is intended to outline our general product direction.  It is intended for information purposes only, and may not be incorporated into any contract.   It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision.  The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.

    Wednesday Feb 12, 2014

    Oracle Access Manager 11.1.2.2 Certified with Oracle E-Business Suite

    I am happy to announce that Oracle Access Manager 11gR2 Patchset 2 (11.1.2.2.0) is now certified with Oracle E-Business Suite Release 11i (11.5.10.2) and 12 (12.0.6, 12.1.1+, 12.2.2+).  If you are implementing single sign-on for the first time, or are an existing Oracle Access Manager user, you may integrate with Oracle Access Manager 11gR2 using Oracle Access Manager WebGate and Oracle E-Business Suite AccessGate.

    Choosing the Right Integration

    Our previously published blog article and support note with single sign-on recommended and certified integration paths has been updated to include Oracle Access Manager 11gR2PS2:

    References

    You may refer to the following My Oracle Support Knowledge Documents for additional details regarding certified architectures and versions:

      Related Articles
      About

      Search

      Categories
      Archives
      « May 2016
      SunMonTueWedThuFriSat
      1
      2
      3
      4
      5
      7
      8
      9
      10
      11
      12
      14
      15
      19
      20
      21
      22
      23
      24
      25
      26
      27
      28
      29
      30
      31
          
             
      Today