How to stop man-in-the-middle attacks on SSL enabled APIs
(Doc ID 2769264.1)
Last updated on MAY 28, 2021
Applies to:Oracle API Platform Cloud Service - Version N/A and later
Information in this document applies to any platform.
Even with Secure Socket Layer (SSL) enabled in the APIs from Oracle Integration Cloud (OIC), interceptor tools like Burp can let a malicious hacker to intercept the REST API calls from Oracle Virtual Builder Cloud Service (VBCS) to OIC and modify the contents.
Ideally, when SSL is enabled, man-in-the-middle attacks should not be possible.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document