TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12.1 Eric Bing, Senior Director, Security Elke Phelps, Senior Principal Product Manager, Applications Technology E-Business Suite Development Oracle OAUG EBS Security SIG Webinar May 24, 2017

Transcript of TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Page 1: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12


TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12.1

Eric Bing, Senior Director, Security
Elke Phelps, Senior Principal Product Manager, Applications Technology
E-Business Suite Development, Oracle
OAUG EBS Security SIG Webinar, May 24, 2017

Page 2: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

TLS 1.2 for Oracle E-Business Suite 12.2 and 12.1

1. Migrating from SSL/TLS 1.0 to TLS 1.2
2. Enabling TLS for the first time

Steps performed for both scenarios may differ, depending upon the following:
• Enabling/Migrating is the same for EBS 12.1 for inbound connections due to OpenSSL
• Special considerations for inbound, outbound & loopback
• Optional configurations

MOS Note 1367293.1 and 376700.1

Page 3: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

1. Review Key Terminology and Concepts
2. TLS 1.2 Certification with EBS 12.2 and 12.1
3. Overview of Key Prerequisites and Configuration Steps
4. Optional Configurations
5. TLS 1.2 Configuration Checklist

Page 4: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

1. Review Key Terminology and Concepts
2. TLS 1.2 Certification with EBS 12.2 and 12.1
3. Overview of Key Prerequisites and Configuration Steps
4. Optional Configurations
5. TLS 1.2 Checklist for Support

Page 5: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. SSL vs TLS
B. HTTPS Connections in Oracle E-Business Suite

Page 7: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Transport Layer Security (TLS) vs Secure Socket Layer (SSL)

• TLS is the successor to SSL; HTTPS is HTTP working on top of TLS
• TLS (1.2) is what we will talk about for Oracle E-Business Suite going forward
• SSL 3.0 is no longer recommended (dead)
• TLS creates an encrypted connection between two machines, allowing private information to be transmitted without the problems of eavesdropping, data tampering, or message forgery
• Industry standards mandating the move to TLS 1.2
  – OMB NIST mandate (800-52 rev1) to move to TLS 1.2
  – PCI council (PCI DSS v3.1) requires new implementations to be on at least TLS 1.1
• Migrate to a minimum of TLS 1.1, preferably TLS 1.2, by June 2018

Page 8: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

“everything less than TLS 1.2 … is cryptographically broken”

– Adam Langley, Google Chrome

Page 9: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

TLS Addresses Recent Security Vulnerabilities

• POODLE – Padding Oracle On Downgraded Legacy Encryption
  – Migration to TLS (SSLv3 is turned off)
• FREAK, Logjam, RC4-NO-MORE
  – Factoring Attack on RSA-EXPORT Keys
  – Weak DH parameters (<2048), RC4
  – Disable weak cipher suites
  – Strong cipher suites
• For example, EBS R12.2 (FMW 11.1.1.9):
  [000a] RSA_DES_192_CBC3_SHA
  [002f] RSA_WITH_AES_128_SHA
  [0035] RSA_WITH_AES_256_SHA
  [003c] RSA_WITH_AES_128_CBC_SHA256
  [003d] RSA_WITH_AES_256_CBC_SHA256
  [009c] RSA_WITH_AES_128_GCM_SHA256
  [009d] RSA_WITH_AES_256_GCM_SHA384
  Available with TLS 1.2

EBS 12.2 Roadmap: Elliptic curve cipher suites

Page 10: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. SSL vs TLS
B. HTTPS Connections in Oracle E-Business Suite

Page 11: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

HTTPS Connections in Oracle E-Business Suite

• Inbound connections from a client to the Oracle HTTP Server
• Loopback connections from Oracle E-Business Suite to itself
• Outbound connections from Oracle E-Business Suite to external site(s)

Diagram nodes: Intranet User, Internet User, External Site, External Application Node, Internal Application Node, EBS Database, DMZ

Page 12: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Examples of HTTPS Connections in Oracle E-Business Suite

Inbound Connections
• Browser access
• Forms access
• Incoming XML Gateway message
• Mobile access via a REST service

Loopback Connections
• Workflow notification emails from Concurrent Manager tier
• Payment call back from database tier
• OAM log viewer

Outbound Connections
• Punchout in iProcurement
• XML Gateway connection to a partner application
• Payments credit card processing

Page 13: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

1. Review Key Terminology and Concepts
2. TLS 1.2 Certification with EBS 12.2 and 12.1
3. Overview of Key Prerequisites and Configuration Steps
4. Optional Configurations
5. TLS 1.2 Checklist for Support

Page 14: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. What’s New with the Certification of EBS with TLS 1.2?
B. Special Considerations for Inbound, Outbound & Loopback

Page 16: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

What’s New with the Certification of EBS and TLS 1.2?

• Oracle E-Business Suite Release 12.2 and 12.1 certified with TLS 1.2
  – “TLS 1.2 with Backward Compatibility” aka “TLS 1.2 w/BC”
  – Mandatory prerequisites and configuration
• Oracle E-Business Suite Release 12.1 uses OpenSSL
  – Provides TLS 1.2 support in OHS
• Optional configurations
  – Configuring “TLS 1.2 Only”
  – Disabling HTTP port
  – Enabling TLS from Oracle HTTP Server (OHS) to Application Server (WLS/OC4J)

Page 17: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

What’s New with the Certification of EBS and TLS 1.2?
Structure and Content for TLS 1.2

Structure and Content for TLS 1.2 (new):
• EBS 12.2: MOS Note 1367293.1
• EBS 12.1: MOS Note 376700.1

Content for SSLv3 and TLS 1.0 (new note IDs; for reference only for existing SSL/TLS 1.0 customers):
• EBS 12.2: MOS Note 2143101.1
• EBS 12.1: MOS Note 2143099.1

Page 18: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. What’s New with this Certification?
B. Special Considerations for Inbound, Outbound & Loopback

Page 19: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Special Considerations - Inbound Connections

TLS Termination: A TLS termination point is the end-point server for the encrypted connection that has been initiated by a client.

• Option 1: OHS as the TLS Termination Point
• Option 2: Alternate TLS Termination Point (e.g., load balancer or reverse proxy)

Page 20: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Special Considerations - Inbound Connections

Option 1: OHS as the TLS Termination Point
• OHS is the TLS termination point
• Configuration requirements
  – OHS as the TLS Termination Point

(Diagram: Web Node 2)

Page 21: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Special Considerations - Inbound Connections

Option 2: Alternate TLS Termination Point
• Alternate TLS termination point
  – Load Balancer
  – Reverse proxy
• Configuration requirements
  – Load balancer must behave as TLS Termination Point
• You should also encrypt the connection to OHS, referred to as End-to-End Encryption
  – Certified for EBS 12.2 and EBS 12.1

(Diagram: Load Balancer in front of Web Node 1, Web Node 2, Web Node 3)

Page 22: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Outbound & Loopback Connections – Client Truststores

A truststore is a collection of root CA certificates, indicating who the client trusts to issue trusted server certificates.
– Clients need the root certificate information of all servers they are communicating with
– Database calls via UTL_HTTP use a wallet as truststore
– The Java application tier uses a variety of truststores (JKS files, PEM file)

• Loopback connection clients must trust the root CA certificate configured on EBS's web entry point
• Outbound connection clients (punchout, XML gateway…) must trust the root CA certificate configured on the remote site

MOS Note 1367293.1 and 376700.1

Page 23: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

1. Review Key Terminology and Concepts
2. TLS 1.2 Certification with EBS 12.2 and 12.1
3. Overview of Key Prerequisites and Configuration Steps
4. Optional Configurations
5. TLS 1.2 Checklist for Support

Page 24: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. EBS 12.2: Migrating/Enabling TLS 1.2 w/BC
B. EBS 12.1: Migrating/Enabling TLS 1.2 w/BC

Page 25: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

How EBS Works After Enabling/Migrating to TLS 1.2 w/BC

• EBS 12.2 and 12.1 is configured to use TLS 1.2, 1.1 or 1.0
• Connection will use the highest version of TLS enabled by the two parties

MOS Note 1367293.1 and 376700.1, Section 4.2

Diagram (Intranet User, Internet User, External Site, External Application Node, Internal Application Node, EBS Database, DMZ):
• Browser supports TLS 1.2 → Connection established using TLS 1.2
• Browser supports TLS 1.2 → Connection established using TLS 1.2
• External Site supports TLS 1.2 → Connection established using TLS 1.2

Page 26: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

How EBS Works After Enabling/Migrating to TLS 1.2 w/BC

• EBS 12.2 and 12.1 is configured to use TLS 1.2, 1.1 or 1.0
• Connection will use the highest version of TLS enabled by the two parties

MOS Note 1367293.1 and 376700.1, Section 4.2

Diagram (Intranet User, Internet User, External Site, External Application Node, Internal Application Node, EBS Database, DMZ):
• Browser supports TLS 1.1 → Connection established using TLS 1.1
• Browser supports TLS 1.2 → Connection established using TLS 1.2
• External Site supports TLS 1.0 → Connection established using TLS 1.0

Page 27: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. EBS 12.2: Migrating/Enabling TLS 1.2 w/BC
B. EBS 12.1: Migrating/Enabling TLS 1.2 w/BC

Page 28: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.2: Migrating from SSL/TLS 1.0 to TLS 1.2 w/BC

• Upgrade Technology Stack
  – FMW 11.1.1.9
  – JDK 7 or JDK 6u121 (July 2016 CPU)
  – Apply required patches
• Make configuration changes in the middle tier
  – Inbound (Section 5.2)
    • Specify TLS protocol versions and cipher suites in opmn.xml, admin.conf, and ssl.conf
  – Loopback and outbound (Section 5.3)
    • JVM parameter for all managed servers and the WebLogic administration server: “-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2”

MOS Note 1367293.1

Page 29: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.2: Enabling TLS w/BC

Customers implementing encryption for the first time should follow Section 5.
• Upgrade Technology Stack
  – FMW 11.1.1.9
  – JDK 7 or JDK 6u121 (July 2016 CPU)
  – Apply required patches
• Create a wallet and request a server certificate
• Make configuration changes in the middle tier for inbound/loopback/outbound connections
• Set up a wallet in the database tier

MOS Note 1367293.1

Page 30: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. EBS 12.2: Migrating/Enabling TLS 1.2 w/BC
B. EBS 12.1: Migrating/Enabling TLS 1.2 w/BC

Page 31: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.1: Migrating from SSL/TLS 1.0 to TLS 1.2 w/BC

• Upgrade Technology Stack
  – FMW 10.1.3.5
  – JDK 7 or JDK 6u121 (July 2016 CPU)
  – Apply required patches
• Create an OpenSSL configuration file and request a server certificate
• Make configuration changes in the middle tier
  – Inbound (Section 5.2)
    • Specify TLS protocol versions and cipher suites in a few custom templates
  – Loopback and outbound (Section 5.3)
    • Set https.protocols=TLSv1,TLSv1.1,TLSv1.2 in a few custom templates

MOS Note 376700.1

Page 32: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.1: Enabling TLS 1.2 w/BC

Customers implementing encryption for the first time should follow Section 5.
• Upgrade Technology Stack
  – FMW 10.1.3.5
  – JDK 7 or JDK 6u121 (July 2016 CPU)
  – Apply required patches
• Create an OpenSSL configuration file and request a server certificate
• Make configuration changes in the middle tier for inbound/loopback/outbound connections
• Set up a wallet in the database tier

MOS Note 376700.1

Page 34: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.1: Switching To OpenSSL

All EBS 12.1 customers must get a new certificate or ask their CA to rekey their existing certificate.

SSL/TLS 1.0 – 10g NZ Library
• Tool: Oracle Wallet Manager (owm)
• Files:
  %s_web_ssl_directory%/opmn/ewallet.p12
  %s_web_ssl_directory%/opmn/cwallet.sso
  %s_web_ssl_directory%/Apache/ewallet.p12
  %s_web_ssl_directory%/Apache/cwallet.sso

TLS 1.2 – OpenSSL 1.0.2 (New)
• Tool: OpenSSL (openssl)
• Files:
  openssl-certfile – opmn.crt
  openssl-keyfile – server.key
  SSLCertificateFile – server.crt
  SSLCertificateKeyFile – server.key
  SSLCertificateChainFile – intermediate.crt

Note: See Section 5.2.1, Step 2
• Make sure to use the openssl delivered with the FMW patches
• Prepend the OpenSSL directory to your PATH. For example: PATH=<10.1.3 OH>/Apache/open_ssl/bin:$PATH

Page 35: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

TLS 1.2 Key Configuration – AutoConfig Customizations
EBS 12.1 Inbound Connections

• Create the custom template directory <FND_TOP>/admin/template/custom
• Copy the following template files from <FND_TOP>/admin/template to the custom template directory: opmn_xml_1013.tmp, httpd_conf_1013.tmp, ssl_conf_1013.tmp
• Known Issues: If a patch is applied to EBS that updates the above template files, AutoConfig will fail with the following error: "Version Conflicts among development maintained and customized templates encountered; aborting AutoConfig run."
  Solution: Copy the newer template to the custom folder and re-apply the modification listed in this document.

MOS Note 376700.1

Page 36: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

TLS 1.2 Key Configuration – AutoConfig Customizations
EBS 12.1 Outbound/Loopback Connections

• Copy the following files from <FND_TOP>/admin/template to the custom directory, <FND_TOP>/admin/template/custom: oc4j_properties_1013.tmp, oafm_oc4j_properties_1013.tmp, forms_oc4j_properties_1013.tmp
• Known Issues
  – Same AutoConfig known issue as with the inbound connection configuration

MOS Note 376700.1

Page 37: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

1. Review Key Terminology and Concepts
2. TLS 1.2 Certification with EBS 12.2 and 12.1
3. Overview of Key Prerequisites and Configuration Steps
4. Optional Configurations
5. TLS 1.2 Checklist for Support

Page 38: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. Configuring TLS 1.2 Only
B. Disabling HTTP Port
C. EBS 12.2: TLS for OHS to WLS
D. EBS 12.1: TLS for OHS to OC4J

Page 40: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

How EBS Works When Configured with TLS 1.2 Only

• EBS 12.2 and 12.1 is configured to only connect with TLS 1.2
• Connection will use TLS 1.2

MOS Note 1367293.1 and 376700.1, Section 6.1

Diagram (Intranet User, Internet User, External Site, External Application Node, Internal Application Node, EBS Database, DMZ):
• Browser supports TLS 1.2 → Connection established using TLS 1.2
• Browser supports TLS 1.2 → Connection established using TLS 1.2
• External Site supports TLS 1.2 → Connection established using TLS 1.2

Page 41: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

How EBS Works When Configured with TLS 1.2 Only

• EBS 12.2 and 12.1 is configured to only connect with TLS 1.2
• Connection will use TLS 1.2

MOS Note 1367293.1 and 376700.1, Section 6.1

Diagram (Intranet User, Internet User, External Site, External Application Node, Internal Application Node, EBS Database, DMZ):
• Browser supports TLS 1.1 → ERROR! Connection not established
• Browser supports TLS 1.2 → Connection established using TLS 1.2
• External Site supports TLS 1.0 → ERROR! Connection not established
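The version-selection rule behind the "TLS 1.2 w/BC" diagrams (Section 4.2: the connection uses the highest TLS version enabled by both parties) and the failed handshakes in the "TLS 1.2 Only" diagrams (Section 6.1) can be modelled directly. The Python script below is an added example, not Oracle's code and not taken from the MOS notes: it parses the protocol-version settings the deck configures (SSLProtocol in ssl.conf and admin.conf, the -Dhttps.protocols JVM parameter, and the ssl-versions attribute in opmn.xml) into a set of versions, then applies the rule to constructed client capabilities that mirror the figures. The alias table, the client list and the ranking are assumptions; the TLSv* and nzos_Version_* token spellings come from the deck.

```python
"""Model of the TLS version selection shown on the 'How EBS Works' slides.

Added example (not Oracle's code). Parses the version settings the deck
configures and applies the rule 'highest version enabled by both parties';
an empty intersection is the 'ERROR! Connection not established' case.
"""
import re

# Ranking used to pick the "highest" common version (assumption: SSLv3 lowest).
VERSION_RANK = {"SSLv3": 0, "TLSv1": 1, "TLSv1.1": 2, "TLSv1.2": 3}

# Spellings used in the deck's configuration lines, mapped to one canonical name.
ALIASES = {
    "tlsv1": "TLSv1", "tlsv1.0": "TLSv1", "nzos_version_1_0": "TLSv1",
    "tlsv1.1": "TLSv1.1", "nzos_version_1_1": "TLSv1.1",
    "tlsv1.2": "TLSv1.2", "nzos_version_1_2": "TLSv1.2",
    "sslv3": "SSLv3", "nzos_version_3_0": "SSLv3",
}


def enabled_versions(setting: str) -> frozenset:
    """Return the set of protocol versions one configuration line enables.

    Accepted forms (all taken from the deck):
      'SSLProtocol TLSv1 TLSv1.1 TLSv1.2'                            (ssl.conf)
      'SSLProtocol nzos_Version_1_0 nzos_Version_1_1 nzos_Version_1_2' (admin.conf)
      '-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2'                       (JVM parameter)
      'ssl-versions="TLSv1.0"'                                         (opmn.xml)
    Unknown tokens raise ValueError instead of being silently dropped.
    """
    body = re.sub(r'^\s*(SSLProtocol|-Dhttps\.protocols=|ssl-versions=)', '',
                  setting.strip(), flags=re.IGNORECASE)
    tokens = [t for t in re.split(r'[,\s]+', body.strip().strip('"')) if t]
    versions = set()
    for tok in tokens:
        key = tok.lower()
        if key not in ALIASES:
            raise ValueError(f"unrecognised protocol token: {tok!r}")
        versions.add(ALIASES[key])
    return frozenset(versions)


def negotiate(server_versions, client_versions):
    """Highest version both sides enable, or None when no version is shared."""
    common = set(server_versions) & set(client_versions)
    if not common:
        return None
    return max(common, key=VERSION_RANK.__getitem__)


def walk_scenarios(server_setting: str, clients):
    """Apply one server setting to every client in the mapping name -> versions."""
    server = enabled_versions(server_setting)
    return {name: negotiate(server, caps) for name, caps in clients.items()}


# Constructed sample clients, mirroring the three parties drawn in the figures.
CLIENTS = {
    "browser A (TLS 1.1)": {"TLSv1", "TLSv1.1"},
    "browser B (TLS 1.2)": {"TLSv1", "TLSv1.1", "TLSv1.2"},
    "external site (TLS 1.0)": {"TLSv1"},
}

if __name__ == "__main__":
    for label, setting in [("TLS 1.2 w/BC", "SSLProtocol TLSv1 TLSv1.1 TLSv1.2"),
                           ("TLS 1.2 Only", "SSLProtocol TLSv1.2")]:
        print(label)
        for client, result in walk_scenarios(setting, CLIENTS).items():
            print(f"  {client}: {result or 'ERROR! Connection not established'}")
```

Running the script reproduces the two diagrams: with the w/BC setting every party connects at its own best version (TLS 1.1, TLS 1.2, TLS 1.0), while with the TLS 1.2 Only setting the TLS 1.1 browser and the TLS 1.0 external site get no connection at all. Feeding it the real SSLProtocol line from ssl.conf, or the https.protocols value from the managed-server JVM parameters, shows which partners a planned change would lock out before it is made.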

Page 42: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Additional Considerations When Configuring TLS 1.2 Only

• Product versions with TLS 1.2
  – Mobile Applications V6 (minimum)
  – Oracle E-Business Suite Information Discovery V7 (minimum)
• JRE Versions
  – JRE 8: TLS 1.2 enabled by default
  – JRE 7: TLS 1.2 is enabled by default as of the January 2017 Java CPU
  – JRE 6: TLS 1.2 is enabled by default as of the January 2017 Java CPU
  Note: If you are on an earlier Java CPU version, you need to manually enable TLS 1.2: Java Control Panel > Advanced tab > Advanced Security Settings section > Use TLS 1.2.
• Browsers with TLS 1.2 enabled by default
  – IE 11 / Firefox ESR 45.x / Chrome v49

Page 43: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.2: Migrating from SSL/TLS 1.0 to TLS 1.2 Only

• Upgrade Technology Stack
  – FMW 11.1.1.9
  – JDK 7 or JDK 6u121 (July 2016 CPU)
  – Database 12.1.0.2
  – Apply required patches
• Make configuration changes in the middle tier
  – Inbound: Same as in Section 5.2 for TLS 1.2 w/BC except for the following:
    • Step 7: Set SSLProtocol nzos_Version_1_0 nzos_Version_1_1 nzos_Version_1_2 in admin.conf; set ssl-versions="TLSv1.0" in opmn.xml
    • Step 9: Set SSLProtocol TLSv1.2 in ssl.conf

MOS Note 1367293.1

Page 44: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.2: Migrating from SSL/TLS 1.0 to TLS 1.2 Only

• Make configuration changes in the middle tier (continued)
  – Loopback and outbound (Section 5.3): Same as TLS 1.2 w/BC except for the following:
    • Step 1: Set JVM parameter “-Dhttps.protocols=TLSv1.2” for all managed servers and the WebLogic administration server

MOS Note 1367293.1

Page 45: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.1: Migrating from SSL/TLS 1.0 to TLS 1.2 Only

• Upgrade Technology Stack
  – FMW 10.1.3.5
  – JDK 7 or JDK 6u121 (July 2016 CPU)
  – Database 12.1.0.2
  – Apply required patches
• Make configuration changes in the middle tier
  – Inbound: Same as in Section 5.2 for TLS 1.2 w/BC except for the following:
    • Section 5.2.1, Step 6: Use the value listed in Section 6.1.2, Step 1 instead
  – Loopback and Outbound: Same as in Section 5.3 except for the following:
    • Section 5.3.1, Step 1: Set https.protocols=TLSv1.2 in a few custom template files

MOS Note 376700.1

Page 46: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. Configuring TLS 1.2 Only
B. Disabling HTTP Port
C. EBS 12.2: TLS for OHS to WLS
D. EBS 12.1: TLS for OHS to OC4J

Page 47: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Disabling HTTP Port

• EBS 12.2 and 12.1 are now certified with only the HTTPS port accessible.
• After HTTPS (e.g., port 4443) is enabled, the HTTP port (e.g., port 8000) is still accessible. You may now manually disable the HTTP port.
• All communication to OHS now has to be encrypted
  – For example: OPMN, WLS Admin Console

MOS Note 1367293.1 & 376700.1, Section 6.2

Page 48: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.2: Disabling HTTP Port

• TXK and FMW minimum requirement
  – Requirements from Section 5.1 and Section 6.2 “Required Patches”
    • TXK Delta 7 bundle patch 21846184 (enable JSSE)
    • OPMN patch 20493440
    • FMW 11.1.1.9 patch 22288381
  – Recommend applying the latest FMW CPU patch
• Update httpd.conf through FMW Control Console
  – Comment out the “listen ####” line
  – Switch the order of the include statements so that ssl.conf is before admin.conf
• Known Issues
  – iHELP search failure (Bug 20472035)

MOS Note 1367293.1

Page 49: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.1: Disabling HTTP Port

• TXK and FMW minimum requirement
  – Requirements from Section 5.1
• Copy the template file, httpd_conf_1013.tmp, to the <FND_TOP>/admin/template/custom directory
• Comment out "Listen %s_http_listen_parameter%"
• Known Issues
  – iHELP search failure (20472035)

MOS Note 376700.1

Page 50: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. Configuring TLS 1.2 Only
B. Disabling HTTP Port
C. EBS 12.2: TLS for OHS to WLS
D. EBS 12.1: TLS for OHS to OC4J

Page 51: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.2: Enable TLS for OHS To WLS Connection (New)

• Enabling TLS for OHS to WLS connection is certified
• Apply required AD/TXK Delta 9 patches
• Overview of required steps (see MOS note for details)
  – Create WLS keystores
  – Configure TLS on WLS
  – Modify OHS configuration
  – Configure mod_wls_ohs
  – Run fs_clone

MOS Note 1367293.1, Section 6.3

Page 52: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

A. Configuring TLS 1.2 Only
B. Disabling HTTP Port
C. EBS 12.2: TLS for OHS to WLS
D. EBS 12.1: TLS for OHS to OC4J

Page 53: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

EBS 12.1: Enable TLS for OHS To OC4J Connection

• Enabling TLS for OHS to OC4J connection is certified
• Edit txkChkFormsDeployment.pl to comment out the following line of code:
  #instantiateNewConfigFile($template_config_file, $actual_config_file)
  – Known Issues: Bug 23645824
• If other modifications (via a patch application, a rollback, or a manual change) need to be made to $ORA_CONFIG_HOME/10.1.3/j2ee/forms/config/system-jazn-data.xml, then the modification must be repeated and the password for the oc4jadmin user reset – see the MOS Note for details

MOS Note 376700.1, Section 6.3

Page 54: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Program Agenda

1. Review Key Terminology and Concepts
2. TLS 1.2 Certification with EBS 12.2 and 12.1
3. Overview of Key Prerequisites and Configuration Steps
4. Optional Configurations
5. TLS 1.2 Configuration Checklist

Page 55: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

TLS Configuration Checklist

What to Do: Source the apps environment and execute the following:
$OA_JRE_TOP/bin/java -version

What to Review: Sample output:
java version "1.7.0_141"
or
java version "1.6.0_151"

Note:
• Minimum requirement for TLS 1.2 is JDK 1.6.0_121 (July 2016 update) or 1.7.0_xx.
• Follow the steps in MOS Note 455492.1 to upgrade to JDK 6 or MOS Note 1530033.1 to upgrade to JDK 1.7
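The JDK check above is the kind of thing that gets done by eye on a dozen application-tier nodes; the Python script below is an added example (not Oracle's code) that parses the `java -version` output and applies the minimum the slide states: JDK 1.6.0_121 or later, or any JDK 1.7.0_xx build. The version-string regex, the treatment of other JDK families (flagged for manual review rather than passed or failed) and the sample outputs are assumptions; run `check_installed_java("$OA_JRE_TOP/bin/java")` after sourcing the apps environment to check a real installation.

```python
"""Check 'java -version' output against the TLS 1.2 minimum from the checklist.

Added example, not Oracle's code. Minimum levels per the slide:
JDK 1.6.0_121 (July 2016 update) or JDK 1.7.0_xx (any update).
"""
import re
import subprocess

# Minimum update number per JDK family, as stated on the checklist slide.
# 1.7.0_xx means any 1.7 update qualifies, so its floor is update 0.
MINIMUM_UPDATE = {"1.6": 121, "1.7": 0}

# Matches the legacy 1.x.y_zz form that JDK 6 and 7 print.
VERSION_RE = re.compile(r'java version "(\d+)\.(\d+)\.(\d+)_(\d+)"')


def parse_java_version(output: str):
    """Return (family, update) such as ("1.7", 141) from 'java -version' text.

    Raises ValueError when no 1.x.y_zz version string is present.
    """
    match = VERSION_RE.search(output)
    if not match:
        raise ValueError("no JDK 1.x.y_zz version string found in output")
    major, minor, _patch, update = match.groups()
    return f"{major}.{minor}", int(update)


def meets_tls12_minimum(output: str) -> bool:
    """True when the reported JDK is 1.6.0_121 or later, or any 1.7.0_xx.

    Families the checklist does not list (assumption: e.g. 1.8) are not
    silently passed or failed; they raise so an operator looks at them.
    """
    family, update = parse_java_version(output)
    if family not in MINIMUM_UPDATE:
        raise ValueError(f"JDK {family} is not a level the checklist covers; verify manually")
    return update >= MINIMUM_UPDATE[family]


def check_installed_java(java_bin: str = "java") -> bool:
    """Run the given java binary and apply the check ('java -version' prints to stderr)."""
    proc = subprocess.run([java_bin, "-version"], capture_output=True, text=True)
    return meets_tls12_minimum(proc.stderr + proc.stdout)


# Constructed sample outputs: the two acceptable ones from the slide plus one that is too old.
SAMPLE_OK_7 = 'java version "1.7.0_141"\nJava(TM) SE Runtime Environment (build 1.7.0_141-b15)\n'
SAMPLE_OK_6 = 'java version "1.6.0_151"\n'
SAMPLE_OLD_6 = 'java version "1.6.0_95"\n'

if __name__ == "__main__":
    for sample in (SAMPLE_OK_7, SAMPLE_OK_6, SAMPLE_OLD_6):
        verdict = "OK" if meets_tls12_minimum(sample) else "UPGRADE NEEDED"
        print(sample.splitlines()[0], "->", verdict)
```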

Page 56: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

TLS Configuration Checklist

What to Do: For EBS 12.2, execute the following in the FMW 11g WebTier Oracle Home:
$ opatch lsinventory -detail

What to Review: Under ‘Installed Top-level Products’, look for ‘Oracle WebTier and Utilities CD’. The version should show ‘11.1.1.9.0’.

What to Do: For EBS 12.1, execute the following in the FMW 10g WebTier Oracle Home:
$ opatch lsinventory -detail

What to Review: Check the FMW inventory for the required patches.
TLS 1.2
• FMW 10.1.3.5: 20080288, 22447165 and 22458773
SHA-2
• FMW 10.1.3.5 Oct 2015 CPU patch: 20080288, and
  • For AIX/HP: 21948197
  • For Windows: 22251660

Page 57: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

TLS Configuration Checklist

What to Do: To research errors with inbound connections (see Section 4.1 for definition), check the following file: ssl.conf, located in the following directory: <s_ohs_instance_loc>/config/OHS/<s_ohs_component>

What to Review: Review the configuration in the ssl.conf file.
If you are enabling “TLS 1.2 w/BC”, the following lines are required:
SSLProtocol TLSv1 TLSv1.1 TLSv1.2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!RC4:+HIGH:+MEDIUM
If you are enabling “TLS 1.2 Only”, the following lines are required:
SSLProtocol TLSv1.2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!RC4:+HIGH:+MEDIUM

Page 58: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

TLS Configuration Checklist

What to Do: To research errors with inbound connections (see Section 4.1 for definition), check the following file: httpd_conf_1013.tmp, located in the <FND_TOP>/admin/template/custom directory

What to Review: The following lines should be in the httpd_conf_1013.tmp file:
<IfDefine SSL>
#LoadModule ossl_module libexec/mod_ossl.so
LoadModule ssl_module libexec/mod_ssl.so
</IfDefine>
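The two inbound-connection checks from the checklist (the SSLProtocol and SSLCipherSuite lines in ssl.conf for "TLS 1.2 w/BC" or "TLS 1.2 Only", and the mod_ossl/mod_ssl LoadModule lines inside <IfDefine SSL> in httpd_conf_1013.tmp) are easy to script so they can be run against every web node. The Python below is an added example, not Oracle's code: it reads the files as text, ignores comment lines, and reports each deviation from the lines the slides require. The sample file contents are constructed; the matching rules (directive order is ignored, the cipher string must match exactly, any uncommented LoadModule of ossl_module is a finding) are assumptions.

```python
"""Audit ssl.conf and httpd_conf_1013.tmp against the checklist slides.

Added example, not Oracle's code. Expected values are the lines the
checklist requires; everything else here is an assumption.
"""
import re

REQUIRED_CIPHERSUITE = "HIGH:MEDIUM:!aNULL:!RC4:+HIGH:+MEDIUM"
REQUIRED_PROTOCOLS = {
    "TLS 1.2 w/BC": ["TLSv1", "TLSv1.1", "TLSv1.2"],
    "TLS 1.2 Only": ["TLSv1.2"],
}


def active_lines(text):
    """Yield (line_no, line) for non-blank lines that are not comments."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line and not line.startswith("#"):
            yield no, line


def directives(text, name):
    """All values of an Apache-style directive (e.g. 'SSLProtocol'), case-insensitive."""
    found = []
    for _, line in active_lines(text):
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() == name.lower():
            found.append(parts[1].strip())
    return found


def audit_ssl_conf(text, mode):
    """Return a list of findings; empty means ssl.conf matches the chosen mode."""
    findings = []
    protocols = directives(text, "SSLProtocol")
    if not protocols:
        findings.append("SSLProtocol directive missing")
    want = REQUIRED_PROTOCOLS[mode]
    for value in protocols:
        if sorted(value.split()) != sorted(want):  # token order does not matter to mod_ssl
            findings.append(f"SSLProtocol is {value!r}; {mode} requires {' '.join(want)!r}")
    suites = directives(text, "SSLCipherSuite")
    if not suites:
        findings.append("SSLCipherSuite directive missing")
    for value in suites:
        if value != REQUIRED_CIPHERSUITE:
            findings.append(f"SSLCipherSuite is {value!r}; expected {REQUIRED_CIPHERSUITE!r}")
    return findings


def audit_httpd_template(text):
    """Check the LoadModule lines the checklist expects inside <IfDefine SSL>."""
    block = re.search(r"<IfDefine SSL>(.*?)</IfDefine>", text, re.S | re.I)
    if not block:
        return ["<IfDefine SSL> block missing"]
    # Only uncommented LoadModule lines count; '#LoadModule ...' does not match '^\s*LoadModule'.
    loaded = {m.group(1) for m in re.finditer(r"^\s*LoadModule\s+(\S+)", block.group(1), re.M)}
    findings = []
    if "ossl_module" in loaded:
        findings.append("mod_ossl is still loaded; comment out the ossl_module LoadModule line")
    if "ssl_module" not in loaded:
        findings.append("LoadModule ssl_module libexec/mod_ssl.so is missing")
    return findings


# Constructed samples: a compliant pair, and a legacy pair that still allows
# SSLv3 and RC4 and still loads mod_ossl (the pre-OpenSSL module).
SSL_CONF_OK = """
SSLProtocol TLSv1 TLSv1.1 TLSv1.2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!RC4:+HIGH:+MEDIUM
"""
SSL_CONF_LEGACY = """
SSLProtocol SSLv3 TLSv1
# cipher string left at an old default
SSLCipherSuite HIGH:MEDIUM:+HIGH:+MEDIUM:RC4-SHA
"""
HTTPD_TMP_OK = """<IfDefine SSL>
#LoadModule ossl_module libexec/mod_ossl.so
LoadModule ssl_module libexec/mod_ssl.so
</IfDefine>
"""
HTTPD_TMP_LEGACY = """<IfDefine SSL>
LoadModule ossl_module libexec/mod_ossl.so
</IfDefine>
"""

if __name__ == "__main__":
    print("ssl.conf (w/BC):", audit_ssl_conf(SSL_CONF_OK, "TLS 1.2 w/BC") or "OK")
    print("ssl.conf (legacy, Only):", audit_ssl_conf(SSL_CONF_LEGACY, "TLS 1.2 Only"))
    print("template (ok):", audit_httpd_template(HTTPD_TMP_OK) or "OK")
    print("template (legacy):", audit_httpd_template(HTTPD_TMP_LEGACY))
```

To audit a real node, read the two files into strings (`open(path).read()`) and pass them in; a compliant w/BC ssl.conf will fail the "TLS 1.2 Only" audit on its SSLProtocol line, which is the expected signal when deciding whether a node has actually been moved to TLS 1.2 Only.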

Page 59: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

References

Page 60: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Documentation

Title – Doc ID
• FAQ: Oracle E-Business Suite Security – 2063486.1
• Oracle E-Business Suite Security Guide, Release 12.2 – Secure Configuration Chapter – N/A
• Secure Configuration for Oracle E-Business Suite Release 12 – 403537.1
• Enabling TLS in Oracle E-Business Suite Release 12.2 – 1367293.1
• Enabling SSL or TLS in Oracle E-Business Suite Release 12.2 – 2143101.1
• Enabling TLS in Oracle E-Business Suite Release 12.1 – 376700.1
• Enabling SSL or TLS in Oracle E-Business Suite Release 12 – 2143099.1
• CVE-2014-3566 - Instructions to Mitigate the SSLv3 Vulnerability ("POODLE Attack") in Oracle E-Business Suite – 1937646.1

Page 61: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Where to Find More Information: Oracle E-Business Suite Release 12.2

• EBS Documentation and Training
  – EBS 12.2 Information Center: MOS Note 1581299.1 (includes link to the EBS Documentation Web Library)
  – EBS Release Content Documents: MOS Note 1302189.1
  – EBS Transfer of Info (TOI) Online Training: MOS Note 807319.1

Page 62: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Transfer of Information (TOI) Online Training
Learn More About Oracle E-Business Suite 12.2 New Features

• Implement and Use Application Object Library - SECURITY: Redirect Filter
• Implement and Use E-Business Suite Secure Configuration - Allowed JSPs
• Implement and Use E-Business Suite Secure Configuration - Cookie Domain Scoping

MOS Note 807319.1

Page 63: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Oracle E-Business Suite Learning Subscription
Stay Up-to-Date on Everything Oracle E-Business Suite

• Free access to hundreds of videos
  – Virtual Conference, What’s New, User Experience, Advice from Development
• Paid subscription access to over 500 technical and functional training sessions
  – In-depth courses with hands-on labs
  – Supplemental learning modules with demos
  – 12.2 solution overviews with demos
• Continuous updates and additions

education.oracle.com/subscriptions/ebs

Page 64: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Oracle E-Business Suite Learning Subscription
Applications Technology Channel

Here you will find the following recordings:
• Managing Oracle E-Business Suite Security and Auditing
• Ready or Not: Applying Secure Configuration to Oracle E-Business Suite
• TLS 1.2 Configuration for Oracle E-Business Suite
• …and more technology related sessions

education.oracle.com/subscriptions/ebs

Page 65: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Oracle E-Business Suite Technology Blog

• Direct from EBS Development
• Latest news
• Certification announcements
• Primers, FAQs, tips
• Desupport reminders
• Latest upgrade recommendations
• Statements of Direction
• Subscribe via email or RSS

blogs.oracle.com/stevenchan

Page 66: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Education: E-Business Suite Learning Subscription
Dedicated Channel: Oracle E-Business Suite and Oracle Cloud

• Channel dedicated to “EBS and Oracle Cloud”
• Available today:
  – Running EBS on Oracle Cloud: Why, What and How?
  – Deploying EBS on Oracle Cloud: Getting Started
  – Deploying EBS on Oracle Cloud: Multi-Node Topologies
  – Advanced Architectures for Oracle E-Business Suite
  – Oracle E-Business Suite on Oracle Cloud - Technical Insight
  – Leverage Integration Cloud Service for Oracle E-Business Suite
  – Secure Configuration for Oracle E-Business Suite in Oracle Cloud
  – Enterprise Manager 13c Cloud Control for Managing E-Business Suite
  – Oracle E-Business Information Discovery: Your Journey to The Cloud
  – Oracle E-Business Suite Coexistence with Oracle HCM Cloud
  – Financial Accounting Hub (FAH) Reporting Cloud Coexistence with EBS GL
  – Oracle Sales Cloud Coexistence with E-Business Suite Quotes
  – Oracle Service Cloud (RightNow) Coexistence with EBS Field Service
  – OTM/GTM in the Cloud for E-Business Suite Customers
  – More to come…

education.oracle.com/subscriptions/ebs

Page 67: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Blog: Oracle E-Business Suite and Oracle Cloud
https://blogs.oracle.com/EBSandOracleCloud/

• Live since 1st June 2016
• 40+ articles since 1st June 2016
• Dedicated to EBS and Oracle Cloud topics
• Sponsored by EBS Development Executives

Subscribe by Email

Page 68: TLS 1.2 Configuration for Oracle E-Business Suite 12.2 and 12

Oracle E-Business Suite: Applications Technology

Join us on Facebook: facebook.com/groups/EBS.SysAdmin