OID11g - How to use TLSv1.0 or TLSv1.1 or TLSv1.2 only in OID environment (to work with DIP, ODSM, EM) after setting orclcryptoversion 28, 24 or 16
(Doc ID 2597481.1)
Last updated on OCTOBER 21, 2020
Applies to:Oracle Internet Directory - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
Starting to OID 18.104.22.168.0, is possible to choose what SSL protocol to use with OID by using orclcryptoversion attribute
For setting OID to only work with more recent and secure SSL protocols as TLSv1.1.& TLSv1.2, orclcryptoversion must be set to 28(TLSv1.0+TLSV1.1+TLSv1.2), 24 (TLSV1.1+TLSv1.2) or 16 (TLSv1.2).
However, although, OID is indeed using requested protocol (i.e. TLSv1.2), DIP and ODSM and accessing OID components through EM may not work and the following effects may be seen:
1. oid1 is down in EM
2. DIP in not able to connect to OID (Quartz Scheduler and MBeans are Down)
3. ODSM is not accessible through SSL port.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document