Support of SSL FIPS 140-2 Standard for Oracle HTTP Server 12.1.3
(Doc ID 2160983.1)
Last updated on FEBRUARY 08, 2024
Applies to:
Oracle HTTP Server - Version 12.1.3.0.0 to 12.1.3.0.0 [Release 12c]Oracle Fusion Middleware - Version 12.1.3.0.0 to 12.1.3.0.0 [Release 12c]
Information in this document applies to any platform.
- Patches in this document are strongly recommended for security, even if SSLFIPS is not enabled
Goal
SSL FIPS 140-2 Standard for Oracle HTTP Server 12.1.3
Configuration of Oracle HTTP Server (OHS) 12.1.3 to meet FIPS 140-2 standards is essentially setting an "SSLFIPS On" setting and ensuring certificate, protocol and cipher requirements are met. Patches are supplied to help configure correctly, fix security issues and ensure the code is FIPS 140-2 compliant.
This has been a post-release certification for OHS 12.1.3 as installed from OHS 12.1.3 distribution media. It does not include other environments where OHS is integrated. Surrounding components may also have requirements to meet FIPS 140-2 standards.
See the below information for OHS 12.1.3 patching and configuration requirements. This document supersedes "<Note:2051048.1> Oracle HTTP Server 12.1.3 Will Not Start With FIPS Mode Turned On", however see the Known Issue at the bottom of this document for a similar issue.
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
SSL FIPS 140-2 Standard for Oracle HTTP Server 12.1.3 |
Solution |
Patches Required |
Configuration Steps |
Known Issues |
References |