How to Configure Oracle HTTP Server to Use ECC Certificates and ECDHE_ECDSA CipherSuite (Doc ID 2110254.1)

Last updated on AUGUST 26, 2016

Applies to:

Oracle HTTP Server - Version 11.1.1.9.0 to 12.2.1.0.0 [Release Oracle11g to 12c]
Information in this document applies to any platform.

Goal

ECDHE_ECDSA cipher suite options are provided with newer OHS versions in order to work with ECC certificates. This document will outline requirements and successful implementation of ECC certificates with ECDHE_ECDSA ciphers. Note ECC certificates and ECDHE_ECDSA ciphers are only supported on OHS 11.1.1.9, 12.1.2, 12.1.3, 12.2.1 and higher where TLS 1.2 protocol is also supported.

Notes:

- ECDHE_ECDSA ciphers require an ECC (ECDSA) certificate. They will not work with RSA certificates.
- ECDHE_RSA ciphers require an an RSA certificate. They will not work with ECC/ECDSA certificates.

You may also be interested in configuring SSL FIPS 140-2 Standards, which also includes support for ECC certificates:

<Note 2115681.1> SSL FIPS 140-2 Standard for Oracle HTTP Server 11.1.1.9

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms