Configuring TLS Mutual Authentication With EAI HTTP Transport And Outbound Web Services
(Doc ID 560965.1)
Last updated on SEPTEMBER 03, 2023
Applies to:
Siebel CRM - Version 7.7.2 SIA [18325] and laterInformation in this document applies to any platform.
Purpose
TLS mutual authentication can be used to authenticate a client to a web server. The authentication happens during the SSL handshake using certificates.
In some versions, EAI HTTP Transport has Mutual Authentication support. It allows the Siebel Server to present a specific client certificate to an external web server that is configured for mutual authentication.
This client/mutual authentication feature includes support for:
• NULL encryption (On Unix platform only)
• integrity (SHA-1, MD5) Note:SHA-2 (SHA-224, SHA-256, SHA-384 и SHA-512) is not supported on Unix.
• TLS Caching
This bulletin explains how to configure SSL Mutual Authentication feature implemented as a part of the Siebel "EAI HTTP Transport" business service.
Scope
Intended audience: Administrators, Developers.
Because of known vulnerabilities in SSL Oracle recommends customers upgrade to the latest Siebel Innovation pack / patch set on 8.1/8.2 release, which support TLS securely.
TLS and SHA support for Siebel: Mitigating security in Siebel CRM Application (Doc ID "How To Setup 3rd Party SHA1 And SHA2 Certificates For Outbound API Calls On Different Siebel Versions That Run On Unix/Linux OS? (Doc ID 2226450.2)" provides additional information on SSL security information.
Note: All comments below apply to configurations supporting TLS.
Details
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Purpose |
Scope |
Details |
References |