Enforce TLSv1.2 or Above for the 9.1 New Tech Stack Release

CA-signed SSL certificates are required for 9.1 New Tech Stack installations. See Appendix D of the Oracle MICROS Enterprise Back Office Security Guide for instructions. Confirm that the SSL certificate password as well as the keystore password only contain alphanumeric characters. Special characters, symbols, or spaces are not allowed for the password.

Follow these steps to enforce usage of the TLSv1.2 protocol:

  1. Navigate to the myMicros installation directory.
  2. Modify myMicros/oracle/Middleware/wlserver/common/bin/commEnv.cmd
    1. Add the following code to the top of the file:
      set JAVA_OPTIONS=%JAVA_OPTIONS% -Dweblogic.security.SSL.protocolVersion=TLSv1.2 -Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.2
  3. Modify myMicros/oracle/Middleware/oracle_common/common/bin/setWlstEnv_internal.cmd
    1. Find the code line that starts with SET JVM_ARGS.
    2. Add the following code:

      –Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.2

      The new code line now reads as:

      SET JVM_ARGS=%WLST_PROPERTIES% %UTILS_MEM_ARGS% %CONFIG_JVM_ARGS% -Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.2