Professional Documents
Culture Documents
2 Configuration for
Oracle E-Business Suite 12.2 and 12.1
A SSL vs TLS
B HTTPS Connections in Oracle E-Business Suite
A SSL vs TLS
B HTTPS Connections in Oracle E-Business Suite
[000a] RSA_DES_192_CBC3_SHA
[002f] RSA_WITH_AES_128_SHA
[0035] RSA_WITH_AES_256_SHA Available
[003c] RSA_WITH_AES_128_CBC_SHA256 with
[003d] RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
[009c] RSA_WITH_AES_128_GCM_SHA256
[009d] RSA_WITH_AES_256_GCM_SHA384
A SSL vs TLS
B HTTPS Connections in Oracle E-Business Suite
External Internal
Internet Application Node Application Node Intranet
User EBS Database User
External
Site
DMZ
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted 16
What’s New with the Certification of EBS and TLS 1.2?
For Reference Only for
Existing SSL/TLS 1.0 Customers
New Structure and Content for TLS 1.2 Content for SSLv3 and TLS 1.0
New Structure and Content for TLS 1.2 Content for SSLv3 and TLS 1.0
Web
Node 2
• Known Issues
– Same AutoConfig known issue as with the inbound connection configuration
• EBS 12.2 and 12.1 are now certified with only the HTTPS port accessible.
• After HTTPS (e.g. port 4443) is enabled, the HTTP port (e.g., port 8000) is
still accessible. You now may manually disable the HTTP port.
• Known Issues
– iHELP search failure (20472035)
Note:
• Minimum requirement for TLS 1.2 is JDK 1.6.0_121 (July
2016 update) or 1.7.0_xx.
• Follow the steps in MOS Note 455492.1 to upgrade to
JDK 6 or MOS Note 1530033.1 to upgrade to JDK 1.7
If you are enabling “TLS 1.2 Only” the following lines are
required:
SSLProtocol TLSv1.2
SSLCipherSuite
HIGH:MEDIUM:!aNULL:!RC4:+HIGH:+MEDIUM
Title Doc ID
FAQ: Oracle E-Business Suite Security 2063486.1
Oracle E-Business Suite Security Guide, Release 12.2 – Secure Configuration Chapter N/A
Secure Configuration for Oracle E-Business Suite Release 12 403537.1
Enabling TLS in Oracle E-Business Suite Release 12.2 1367293.1
Enabling SSL or TLS in Oracle E-Business Suite Release 12.2 2143101.1
Enabling TLS in Oracle E-Business Suite Release 12.1 376700.1
Enabling SSL or TLS in Oracle E-Business Suite Release 12 2143099.1
CVE-2014-3566 - Instructions to Mitigate the SSLv3 Vulnerability ("POODLE Attack") in Oracle E-Business Suite 1937646.1
education.oracle.com/subscriptions/ebs
blogs.oracle.com/stevenchan
Subscribe by Email
facebook.com/groups/EBS.SysAdmin
Join us on Facebook