E1: SVM: How to Implement TLS v1.2 for Secure JMX Protocol Communication on Server Manager Console Version 22.214.171.124 and Higher
(Doc ID 2723106.1)
Last updated on FEBRUARY 11, 2021
JD Edwards EnterpriseOne Tools - Version 9.2 and later Information in this document applies to any platform.
This document explains the procedure to implement TLS v1.2 for secure JMX Protocol communication on Server Manager Console version 126.96.36.199 and higher.
For following the below procedure, we will consider that at least Server Manager Management Console has been installed or upgraded/updated to version 188.8.131.52.
If the TLS v1.2 has been previously used and then the Server Manager Management Console has been upgraded/updated to version 184.108.40.206, then the arguments which have been previously set for embedded agents (Java servers start arguments, or Java arguments set in JDE.INI on Enterprise Servers), or for standalone agents (Windows Service start arguments or arguments set in runAgent script) can be safely deleted as these settings have been copied into the agent.properties file and when the E1 agents are started, the values are used from agent.properties file only. Also, the passwords stored in the agent.properties for identity store, key store and trusted certificates store are now encrypted.
This document is intended to be followed when previously, on Server Manager Management Console the old TLS v1 was used (by re-enabling the 3DES algorithm in java.security file for newer versions of Java), or secure JMX communication protocol was disabled (...usesecurejmx=false in agent.properties).
Also, this document can be used after Server Manager Management Console 9.2.5 or later has been freshly installed and it is required that all the E1 agents to be shown as running in Server Manager Management Console and managed instances to be registered before using the automated TLS configuration described in Doc ID 2749197.1 - Automated TLS/SSL Configuration for Server Manager Console and Agent (Tools Release 9.2.5x and later)
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!