Configuring TLS Mutual Authentication With EAI HTTP Transport And Outbound Web Services (Doc ID 560965.1)

Last updated on SEPTEMBER 03, 2023

Applies to:

Purpose

TLS mutual authentication can be used to authenticate a client to a web server. The authentication happens during the SSL handshake using certificates.

In some versions, EAI HTTP Transport has Mutual Authentication support.  It  allows the Siebel Server to present a specific client certificate to an external web server that is configured for mutual authentication.

This client/mutual authentication feature includes support for:

• NULL encryption (On Unix platform only)
• integrity (SHA-1, MD5) Note:SHA-2 (SHA-224, SHA-256, SHA-384 и SHA-512) is not supported on Unix.
• TLS Caching

This bulletin explains how to configure SSL Mutual Authentication feature implemented as a part of the Siebel "EAI HTTP Transport" business service.

Scope

Intended audience: Administrators, Developers.

Because of known vulnerabilities in SSL Oracle recommends customers upgrade to the latest Siebel Innovation pack / patch set  on 8.1/8.2 release, which support TLS securely.    

TLS and SHA support for Siebel: Mitigating security in Siebel CRM Application  (Doc ID "How To Setup 3rd Party SHA1 And SHA2 Certificates For Outbound API Calls On Different Siebel Versions That Run On Unix/Linux OS? (Doc ID 2226450.2)" provides additional information on SSL security information.

Note: All comments below apply to configurations supporting TLS.

Details

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.