X

The Latest Technology Stack News Directly from EBS Development

TLS 1.2 Certified with E-Business Suite 12.1

By: Elke Phelps | Product Management Director

I'm pleased to announce that Oracle E-Business Suite 12.1 inbound, outbound, and loopback connections are now certified with TLS 1.2, 1.1, and 1.0. If you have not already migrated from SSL to TLS, you should begin planning the migration for your environment. 

For more information on patching and configuration requirements when migrating to TLS 1.2 from TLS 1.0 or SSL or enabling TLS for the first time, refer to the following My Oracle Support Knowledge Document:

Migrating to TLS 1.2 per the steps and configuration outlined in MOS Note 376700.1 will do the following:

  • Address recent security vulnerabilities (e.g. POODLE, FREAK, LOGIAM, RC4NOMORE)
  • Migrate to new OpenSSL libraries which will change the method by which you generate and import your certificate  

Configuration Options

  • Configure TLS 1.2 with Backward Compatibility

    The default Oracle E-Business Suite 12.1 configuration allows for the handshake between the client and server to negotiate and use the highest version of TLS (either 1.2, 1.1, or 1.0) supported by both parties. For example, if the outbound connection used by iProcurement is by default configured for TLS 1.2, 1.1 and 1.0 and if a call is made from Oracle E-Business Suite iProcurement to an external site that supports TLS 1.2 and a common cipher suite is found, then TLS 1.2 will be used. If a call is made from Oracle E-Business Suite iProcurement to an external site that supports TLS 1.1 and a common cipher suite is found, then the handshake negotiation will resolve to use TLS 1.1.  
  • Configure TLS 1.2 Only (Optional Configuration)

You may optionally configure Oracle E-Business Suite to use TLS 1.2 only for all inbound, outbound and loopback connections. Warning: If you restrict Oracle E-Business Suite 12.1 to use only TLS 1.2, this configuration could result in the inability to connect with other sites or browsers that do not support TLS 1.2.
  • Disable the HTTP Port (Optional Configuration)

You may optionally configure the Oracle HTTP Sever (OHS) delivered with the Oracle E-Business Suite application technology stack to disable the HTTP port and use the HTTPS port only.

Where can I learn more? There are several guides and documents that cover Oracle E-Business Suite 12.1 secure configuration and encryption. You can learn more by reading the following:

SSL or TLS 1.0 Reference Note

If you are using SSL or TLS 1.0 and need to review your current configuration or renew your certificate, you may refer to the following:

Related Articles

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha
Oracle

Integrated Cloud Applications & Platform Services