APPS Blogs

OpenSSL and mod_ssl Replacing Oracle Wallet and mod_ossl for EBS 12.1

Steven Chan - Thu, 2017-12-14 12:14

The use of mod_ssl is being phased in along with OpenSSL for the E-Business Suite 12.1 product line. Oracle E-Business Suite Release 12.1 is migrating to OpenSSL and mod_ssl technology in order to future proof the TLS implementation.  OpenSSL and mod_ssl are required for TLS 1.1 or TLS 1.2 and to support new cipher suites.

We provided support for mod_ssl and OpenSSL in a phased approach, so that deployment can be planned methodically.  Given the rate of SSL and TLS vulnerabilities that have been found recently and the limited number of strong cipher suites supported with Oracle Wallet, we highly recommend that our customers make the transition to TLS 1.1 or 1.2 sooner rather than later. This way, migrating does not have to be done as a fire drill.

You should follow the instructions in Enabling TLS in Oracle E-Business Suite Release 12.1 (Note 376700.1) to implement or migrate to OpenSSL and mod_ssl. 

For reference, the older mod_ossl (SSL v3 and TLS 1.0) which uses the Oracle wallet for the certificates is documented in Enabling SSL or TLS in Oracle E-Business Suite Release 12 (2143099.1).  

Related Articles

References

Categories: APPS Blogs

Latest Updates + FREE Training This Week

Online Apps DBA - Thu, 2017-12-14 03:38

In this Week, you will find: 1. Oracle GoldenGate 12c Administration Training Review   1.1 GoldenGate Day 1 Architecture Overview & Installation: Lessons Learned & Key Takeaways   1.2 GoldenGate Day 2 Processes Configuration & Replication Setup: Lessons Learned & Key Takeaways 2. Oracle Apps DBA – Troubleshoot/Debug Long Running Concurrent Request in Oracle EBS (R12/11i) 3. Oracle SOA Suite […]

The post Latest Updates + FREE Training This Week appeared first on Oracle Trainings for Apps & Fusion DBA.

Categories: APPS Blogs

Different Authentication Settings for Internal and External Users with EBS 12.2 Now Available

Steven Chan - Tue, 2017-12-12 11:05

I'm pleased to inform you of a recent enhancement delivered for Oracle E-Business Suite 12.2  If you are using Oracle E-Business Suite 12.2.6 or higher you may now configure single sign-on and local authentication at the site and server level.   

Note:  Local authentication simply means that native Oracle E-Business Suite authentication is used. 

With prior Oracle E-Business Suite releases, if you integrated with Oracle Access Manager for Single Sign-On  all users were configured for single sign-on authentication.  Now, you may choose to register your Oracle E-Business Suite 12.2.6+ instance with Oracle Access Manager for single sign-on for all internal users while external users may use local user authentication.  This enhancement also eliminates the requirement to add external users to your corporate directory service.

 

 

For additional details regarding the configuration options refer to Section 6.5 Configure Single Sign-on at Site or Server Level  in Integrating Oracle E-Business Suite Release 12.2 with Oracle Access Manager 11gR2 (11.1.2) using Oracle E-Business Suite AccessGate (Doc ID 1576425.1)

Related Articles

References

Categories: APPS Blogs

Secure Configuration Guidelines for Oracle E-Business Suite 12.2 and 12.1

Steven Chan - Mon, 2017-12-11 11:32

We've been providing Oracle E-Business Suite secure configuration guidelines or best practices in our published MOS Notes and guides for some time now. Our secure configuration deployment guidelines include the following recommendations:

Related Articles

References

Categories: APPS Blogs

Secure Oracle E-Business Suite 12.2 with Allowed Redirects

Steven Chan - Thu, 2017-12-07 13:37

A redirect is an HTTP response status code "302 Found" and is common method for redirecting a URL. Client redirects are a potential attack vector. The Oracle E-Business Suite 12.2.4+ Allowed Redirects feature allows you to define a whitelist of allowed redirects for your Oracle E-Business Suite 12.2 environment. Allowed Redirects is enabled by default with Oracle E-Business Suite 12.2.6.

When the Allowed Redirects feature is enabled, redirects to sites that are not configured in your whitelist are not allowed. This feature provides defense against unknown and potentially damaging sites. This is an example of an attack that the Allowed Redirect feature will prevent if properly configured:

Your users will see an error message if a redirect is blocked by Allowed Redirects:

Note: Allowed Redirects will only block navigation to sites that happen via client redirects. It is not intended to prevent other methods for accessing external sites.

Where can I learn more?

Related Articles

References

Categories: APPS Blogs

GoldenGate, SOA Admin, OAM & Apps DBA + FREE Training This Week

Online Apps DBA - Thu, 2017-12-07 01:57

  In this Week, you will find: 1. Oracle GoldenGate for DBAs, Apps DBAs and Cloud Migration    1.1 [FREE Live Webinar] Learn Oracle GoldenGate What, Why & How    1.2 Oracle GoldenGate 12c: Troubleshooting using LogDump Utility 2. Concurrent Managers: Overview & Concepts Oracle EBS R12 for Apps DBAs 3. For SOA & FMW Admins: Oracle SOA Suite Administration: […]

The post GoldenGate, SOA Admin, OAM & Apps DBA + FREE Training This Week appeared first on Oracle Trainings for Apps & Fusion DBA.

Categories: APPS Blogs

Secure Oracle E-Business Suite 12.2 with Cookie Domain Scoping

Steven Chan - Fri, 2017-12-01 11:56

A cookie is a mechanism of storing state across requests to web site. When a site is accessed, a user's browser uses the cookie to store information such as a session identifier. When the site is accessed on a future occasion, the information in the cookie can be reused. If a domain is not specified, then the browser does not send the cookie beyond the originating host.

The Oracle E-Business Suite 12.2 Cookie Domain Scoping feature allows you to define the scope of the cookie. Your scoping configuration requirements will be dictated by the external integrations used with your Oracle E-Business Suite environment and your network configuration. Refer to the documentation for more information regarding your configuration requirements.

Where can I learn more?

Related Articles

References

Categories: APPS Blogs

FMW, GoldenGate & Apps DBA + FREE Training This Week

Online Apps DBA - Thu, 2017-11-30 03:06

[K21Academy Weekly Newsletter] 171130 Subject: FMW, GoldenGate & Apps DBA + FREE Training This Week In this weeks issue, you will find:- 1. [Facebook Live] SSL/TLS Oracle Fusion Middleware & EBS (R12) 2. WebLogic / Oracle FMW to RAC Database connection: Using Active GridLink ? 3. [Video] Oracle GoldenGate: What Why And How To Learn 4. ADOP (R12.2 Online […]

The post FMW, GoldenGate & Apps DBA + FREE Training This Week appeared first on Oracle Trainings for Apps & Fusion DBA.

Categories: APPS Blogs

Secure Oracle E-Business Suite 12.2 with Allowed JSPs/Resources

Steven Chan - Wed, 2017-11-29 11:38

Oracle E-Business Suite is delivered with JSPs and servlets. Most customers use only a subset of these provided resources. The Allowed JSPs or Allowed Resources feature allows you to reduce your attack surface by disabling JSPs or servlets that are not used in your environment. You can allow or deny resources at the family, product or resource level.

The Allowed JSPs feature allows you to define a whitelist of allowed JSPs for your Oracle E-Business Suite 12.2 environment. When enabled, accessing JSPs that are not configured in your whitelist is not allowed.

The Allowed Resources feature expands upon the concept of the Allowed JSPs feature and allows you to define a whitelist of allowed JSPs and servlets for your Oracle E-Business Suite 12.2 environment. When enabled, accessing JSPs or servlets that are not configured in your whitelist is not allowed.

Your users will see an error message if a resource is blocked by the Allowed JSPs or Allowed Resources feature.

Refer to the documentation for more information on how to to deploy and configure the Allowed JSPs or Allowed Resources feature.

Which EBS Releases include Allowed JSPs or Allowed Resources?

  • Allowed JSPs is delivered with Oracle E-Business Suite Release 12.2.4
  • Allowed Resources can be enabled with Oracle E-Business Suite 12.2.6+.
  • Allowed Resources with a new user interface and recommendations to provide ease of configuration is on by default with Oracle E-Business Suite 12.2.7.

Where can I learn more?

Related Articles

References

Categories: APPS Blogs

Check and Deploy Secure Configuration for Oracle EBS 12.2 and 12.1

Steven Chan - Mon, 2017-11-27 12:43

The Secure Configuration Console provides a single dashboard for you to review if your Oracle E-Business Suite environment is in compliance with critical secure configuration guidelines. You may already be familiar with the set of secure configuration scripts that can be executed in your environment to check secure configuration. The Secure Configuration Console expands on these checks providing additional features and a new user interface. You can access the Secure Configuration Console from the Configuration Manager tab via the Functional Administrator responsibility.

Using the Secure Configuration Console dashboard, you can:

  • Check the high priority secure configuration items in your environment
  • Review and implement secure configuration recommendations where applicable
  • Click to automatically configure some checks in the console
  • Suppress checks that are not relevant to your system

Which Oracle E-Business Suite Releases include the Secure Configuration Console?

The Secure Configuration Console is available as of Oracle E-Business Suite 12.2.6. We recently enhanced this feature to include a total of 24 checks with the release of Oracle E-Business Suite 12.2.7. This feature has also been back-ported to Oracle E-Business Suite 12.1.3 after applying patch 26090737.

Where can I learn more?

Related Articles

References

Categories: APPS Blogs

[K21Academy Weekly Newsletter] 171123 Happy Thanksgiving & Happy Holidays if you are in USA or Canada

Online Apps DBA - Thu, 2017-11-23 08:04

[K21Academy Weekly Newsletter] 171123 Happy Thanksgiving & Happy Holidays if you are in USA or Canada. Thanks for registering my Weekly Newsletter where you get latest Updates, Tips & How To Get related to Oracle. In this Week, you will find: 1. Oracle EBS (R12) on Cloud for Beginners: 15 Must-Know Things 2. Oracle Fusion […]

The post [K21Academy Weekly Newsletter] 171123 Happy Thanksgiving & Happy Holidays if you are in USA or Canada appeared first on Oracle Trainings for Apps & Fusion DBA.

Categories: APPS Blogs

Using Fast Offline Conversion to Enable Transparent Data Encryption in EBS

Steven Chan - Mon, 2017-11-20 13:07

We are pleased to announce a new capability that enables you to perform offline, in-place conversion of datafiles for use with Transparent Data Encryption (TDE). This Fast Offline Conversion feature is now available for use with Oracle E-Business Suite 12.1.3 and 12.2.2 and later 12.2.x databases.

What does this feature do?

Fast Offline Conversion converts existing clear data to TDE-encrypted tablespaces.

The encryption is transparent to the application, so code does not have to be rewritten and existing SQL statements will work unchanged. Any authorized database session can read the encrypted data: the encryption only applies to the database datafiles and backups.

This new process is now the recommended procedure for converting to TDE with minimal downtime and lowest complexity. It supersedes previous methods for converting to TDE.

How do I go about using this feature?

You enable Fast Offline Conversion by applying a patch to your EBS 12.1.0.2 or 11.2.0.4 database. The patch - which is available on request from Oracle Support - enables offline, in-place TDE conversion of datafiles.

Where are the detailed instructions?

Full steps for enabling Fast Offline Conversion are provided in the following My Oracle Support knowledge document:

Related Articles

Categories: APPS Blogs

Migrate EBS (R12) to Cloud , SSL & GoldenGate Install

Online Apps DBA - Fri, 2017-11-17 02:17

[K21Academy Weekly Newsletter] 171116 Subject: Migrate EBS(R12) To Cloud, SSL & GoldenGate Install In this weeks issue, you will find:- 1. Migrating Oracle EBS (R12) to Cloud ? 10 Things You must consider before Migration (Lift & Shift) 2. SSL in Oracle Fusion Middleware (WebLogic, OHS, SOA, OAM, OID, OVD etc 3. Oracle GoldenGate: Installation […]

The post Migrate EBS (R12) to Cloud , SSL & GoldenGate Install appeared first on Oracle Trainings for Apps & Fusion DBA.

Categories: APPS Blogs

How Long Can I Get Support for a Specific Java Update?

Steven Chan - Wed, 2017-11-15 15:11
Java logo

Support timelines for Oracle products can be tricky to understand.  The time that an overall product release gets updates is governed by the dates in the Oracle Lifetime Support Policies.

EBS users have 12 months to upgrade to the latest Fusion Middleware component patchsets, and 24 months to upgrade to the latest database components. These are called grace periods.

For dates of grace periods for specific Database or Fusion Middleware patchsets, see:

What are the support dates for different Java releases?

Extended Support for Java SE 6 ends on December 31, 2018. E-Business Suite customers must upgrade their servers to Java SE 7 before that date.

Premier Support for Java SE 7 runs to July 31, 2019. Extended Support for Java SE 7 runs to July 31, 2022. 

Do Java updates have grace periods?

No. Support for Java updates works differently than other Oracle products.  New bug fixes and security updates are always delivered on top of the latest Java update available at the time.

This policy applies to Java running on EBS servers, as well as JRE and Java Web Start running on end-user client desktops.

For example:

As of the date that this article was published, the latest Java SE 7 available is Update 1.7.0_161. 

If you report an issue today with an earlier Java SE 7 update such as Java 7 Update 1.7.0_10, you will be asked to apply 1.7.0_161 and attempt to reproduce the issue.

If the issue does not reproduce, then the solution will be to apply 1.7.0_161 to all of your end-user desktops.

If the issue does reproduce, then Oracle Java Support will log a bug and fix the issue on a Java release later than 1.7.0_161.

Related Articles

 

Categories: APPS Blogs

Can You Run ADOP (Online Patching) Over a Daylight Savings Time Change?

Steven Chan - Mon, 2017-11-13 16:17

A customer running E-Business Suite 12.2 recently asked whether there were any issues with running ADOP or performing other Online Patching activities over the Daylight Savings Time changeover period.  

The answer: no, there are no issues with running ADOP or performing any other Online Patching functions when timezone definitions change due to Daylight Savings Time.

For more information about Daylight Savings Time in EBS environments, see:

Related Articles

Categories: APPS Blogs

Diagnosing EBS 12.2 Upgrade Performance Issues

Steven Chan - Thu, 2017-11-09 12:06

Our Performance team has a deep set of recommendations for minimizing downtimes when upgrading to EBS 12.2.7:

They have recently updated a companion document to that Note. The companion document describes diagnostic strategies and methods to identify and resolve performance issues when upgrading to EBS 12.2 from EBS 11i, 12.0, and 12.1:

This guide covers:

  • Statistics to gather before starting the EBS 12.2 upgrade
  • Performance tuning the Online Patching Enablement phase
  • Obtaining top SQL in cursor caches or AWR
  • Identifying long-running SQL using ALLSTATS
  • Automation options for Display Cursor reports
  • Using SQL Monitor Reports
  • Reporting on CBO statistics for all E-Business Suite tables
  • Diagnostics to gather after each upgrade phase
  • Online Patching diagnostics

Related Articles

Categories: APPS Blogs

October 2017 Update to E-Business Suite Technology Codelevel Checker (ETCC)

Steven Chan - Tue, 2017-11-07 11:22

The E-Business Suite Technology Codelevel Checker (ETCC) tool helps you identify application or database tier overlay patches that need to be applied to your Oracle E-Business Suite Release 12.2 system. ETCC maps missing overlay patches to the default corresponding Database Patch Set Update (PSU) patches, and displays them in a patch recommendation summary.

What’s New

ETCC has been updated to include bug fixes and patching combinations for the following recommended versions of the following updates:

  • Oracle Database Proactive BP 12.1.0.2.171017
  • Oracle Database PSU 12.1.0.2.171017
  • Oracle JavaVM Component Database PSU 12.1.0.2.171017
  • Oracle Database Patch for Exadata BP 11.2.0.4.171017
  • Oracle Database PSU 11.2.0.4.171017
  • Oracle JavaVM Component Database PSU 11.2.0.4.171017
  • Microsoft Windows Database BP 12.1.0.2.170228
  • Oracle JavaVM Component 12.1.0.2.170228 on Windows
  • Microsoft Windows Database BP 11.2.0.4.170418
  • Oracle JavaVM Component 11.2.0.4.170418 on Windows

Obtaining ETCC

We recommend always using the latest version of ETCC, as new bugfixes will not be checked by older versions of the utility. The latest version of the ETCC tool can be downloaded via Patch 17537119 from My Oracle Support.

References

Related Articles

Categories: APPS Blogs

New OA Framework 12.2.5 Update 17 Now Available

Steven Chan - Fri, 2017-11-03 11:27

Web-based content in Oracle E-Business Suite Release 12 runs on the Oracle Application Framework (also known as OA Framework, OAF, or FWK) user interface libraries and infrastructure. Since the initial release of Oracle E-Business Suite Release 12.2 in 2013, we have released a number of cumulative updates to Oracle Application Framework to fix performance, security, and stability issues.

These updates are provided in cumulative Release Update Packs, and cumulative Bundle Patches that can be applied on top of the Release Update Packs. In this context, cumulative means that the latest RUP or Bundle Patch contains everything released earlier.

The latest OAF update for Oracle E-Business Suite Release 12.2.5 is now available:

Where is this update documented?

Instructions for installing this OAF Release Update Pack are in the following My Oracle Support knowledge document:

Who should apply this patch?

All Oracle E-Business Suite Release 12.2.5 users should apply this patch.  Future OAF patches for EBS Release 12.2.5 will require this patch as a prerequisite. 

What's new in this update?

This bundle patch is cumulative: it includes 51 fixes in total, including all fixes released in previous EBS Release 12.2.5 bundle patches.

This latest bundle patch includes fixes for following bugs/issues:

  • A horizontal scroll bar appears on the page when the Title/Description of an attachment is too long.
  • There is a script error on clicking GO button on WebADI LOV window while selecting WebADI template.

Related Articles

Categories: APPS Blogs

Reminder: Upgrade JDK 6 on EBS Servers Before December 2018

Steven Chan - Thu, 2017-11-02 17:26

E-Business Suite 12.1 and 12.2 both included Java SE 6 as part of their server-based technology stacks.  Both EBS 12.1 and 12.2 are certified with Java SE 7:

Upgrade EBS servers to JDK 7 before December 2018

Extended Support for Java SE 6 ends on December 31, 2018. E-Business Suite customers must upgrade their servers to Java SE 7 before that date.

Upgrade EBS end-user desktops to Java 7 or 8

Extended Support for Java SE 6 Deployment technology ended on June 30, 2017.  EBS end-user desktops running JRE 6 should be upgraded to any of the following certified options:

How can EBS customers obtain Java 7?

EBS customers can download Java 7 patches from My Oracle Support.  For a complete list of all Java SE patch numbers, see:

Both JDK and JRE packages are now contained in a single combined download.  Download the "JDK" package for both the desktop client JRE and the server-side JDK package. 

Can EBS servers be upgraded to JDK 8?

No. The server-side technology stack Fusion Middleware components (e.g. Forms 10g) included in these two EBS releases are not compatible with Java SE 8.  There are currently no plans to update those FMW components to be JDK 8 compatible.  

JRE 8 can be used on desktop clients accessing EBS 12.1 and 12.2.

It is expected that a future release of EBS 12.x will incorporate new FMW technology stack components that will be compatible with JDK 8 or higher.  We’re working on that now.

When will that new EBS 12.x be released?

Oracle's Revenue Recognition rules prohibit us from discussing certification and release dates, but you're welcome to monitor or subscribe to this blog. I'll post updates here as soon as soon as they're available.    

Related Articles

Categories: APPS Blogs

Live Demo: Create Database on Cloud & FREE Trainings This Week

Online Apps DBA - Thu, 2017-11-02 04:59

[K21Academy Weekly Newsletter] 171102 Subject: Live Demo: Create Database on Cloud & FREE Trainings This Week Interesting This Week: 1. Create Oracle Database on Cloud 2. FREE Information/Guides This Week 2.1 Role of DBA in Cloud 2.2 7 Docs every Apps DBA must read before Integrating OAM 2.3 EBS (R12)-OAM Integration: Troubleshooting 3. Useful FREE […]

The post Live Demo: Create Database on Cloud & FREE Trainings This Week appeared first on Oracle Trainings for Apps & Fusion DBA.

Categories: APPS Blogs

Pages

Subscribe to Oracle FAQ aggregator - APPS Blogs