My Oracle Support Banner

How to stop man-in-the-middle attacks on SSL enabled APIs (Doc ID 2769264.1)

Last updated on MAY 28, 2021

Applies to:

Oracle API Platform Cloud Service - Version N/A and later
Information in this document applies to any platform.

Goal

Even with Secure Socket Layer (SSL) enabled in the APIs from Oracle Integration Cloud (OIC), interceptor tools like Burp can let a malicious hacker to intercept the REST API calls from Oracle Virtual Builder Cloud Service (VBCS) to OIC and modify the contents.

Ideally, when SSL is enabled, man-in-the-middle attacks should not be possible.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.