Enabling TLS for Oracle Publisher Running on Oracle WebLogic Server

You must enable Transport Layer Security (TLS) for Web applications, such as Oracle Publisher, running on Oracle WebLogic server.

Note: Oracle Publisher does not control TLS/SSL. Oracle Publisher runs on Oracle WebLogic server and depends on the TLS/SSL environment used by Oracle WebLogic server.

To enable TLS for Oracle Publisher running on Oracle Web Logic server

1. Log in to the Oracle WebLogic server console.

2. Click <Domain>, click Environment, click Servers, and then <Server>.

3. Under Configuration and General, select the SSL Listen Port Enabled check box.

4. Select the SSL tab, click Advanced, and then select the Use JSSE SSL check box.

   Choosing to use Java Secure Socket Extension (JSSE) ensures that Oracle WebLogic v10 and v11 uses the TLS features of Java, instead of any existing SSL implementation.

   Note: The WebLogic server’s internal SSL implementation is not compatible with current TLS implementations in modern browsers.

   Oracle WebLogic server v12.2.1.0.0 uses JSSE by default and does not provide the option to switch back to an SSL implementation.

5. Restart Oracle WebLogic server for the changes to take effect.

6. To force the use of TLS v1.2, do the following:

   1. Open the setDomainEnv.sh file.

   2. In the WebLogic Startup parameter, set Dweblogic.security.SSL.protocolVersion to TLSv1.2:

      Dweblogic.security.SSL.protocolVersion=TLSv1.2

      Once this is done, any clients that do not support TLS v1.2 will be rejected.