This chapter summarizes the main changes introduced in the 12.2.1.x releases.
Release 12.2.1.3.0 includes the following changes:
When migrating application policies for an application using the migrateSecurityStore
WLST command, the behavior of how policies are merged using the overwrite
parameter has been changed. See Migrating Application Policies with migrateSecurityStore.
The Keystore Service (KSS) has been updated to support Subject Alternative Name (SAN) SSL certificates. See Managing Certificates with WLST and Managing Certificates with Fusion Middleware Control.
The sections “Upgrading Security to 12.2.1.x” and “Compatibility Table for 11g and 12c Versions” have been moved to Securing Datastores in Planning an Upgrade of Oracle Fusion Middleware.
Added an example that illustrates how you can set up a domain that uses either third-party CA signed or internal CA signed certificates throughout the domain in place of the demonstration CA certificates. See Setting Up a Security Hardened Domain: An Example.
Clarified the procedures for migrating credentials in the same domain and across domains. See Migrating Credentials with migrateSecurityStore.
In release 12.2.1.2.0, the changes to this document include:
A procedure that describes how to synchronize the local keystore with the security store. See Synchronizing the Local Keystore with the Security Store.
Procedures that describe how to replace demonstration certificates with third-party or domain CA signed certificates. Demonstration CA certificates should not be used in a production environment. See Replacing Demonstration CA Signed Certificates.
Troubleshooting information about database connection errors. See Database Connection Exception.
In release 12.2.1.1.0, this document has been changed as follows:
The procedures in “Upgrading Security to 12.2.1.x” have been updated and streamlined to improve usability.
Note:
In 12.2.1.3.0, these procedures have been moved to Securing Datastores in Planning an Upgrade of Oracle Fusion Middleware.The new features and major changes introduced in release 12.2.1.0.0 include the following:
Support for IBM DB2 and Microsoft SQL server databases. OPSS supports two new databases as repositories for security stores. See Supported File, LDAP, and Database Stores.
The ability to create database views of audit records at registration time using the Dynamic Metadata Model. See Audit Views Created at Registration.
New audit createIAUView
and getIAUViewInfo
commands, that allow you to create and to get information about audit database views. See Audit Configuration Commands in WLST Command Reference for Infrastructure Security.
A new merge.jdkcacerts.with.trust
property, which specifies whether to return public certification authority certificates in the kss://system/publicacerts
keystore with a keystore query to kss://system/trust
. See About Certificates.
The OPSS REST API.