1. Installation Guide
  2. Enabling TLS 1.3 Support in Offline Mediation Controller (Release 15.0.1 or later)

9 Enabling TLS 1.3 Support in Offline Mediation Controller (Release 15.0.1 or later)

You can enable TLS 1.3 support in Oracle Communications Offline Mediation Controller, enhancing communication security. TLS 1.3 offers improved security features compared to older protocols.

See "About TLS 1.3 Compatibility" for more information on potential compatibility impacts.

Topics in this document:

Enabling TLS 1.3 Support Automatically

To enable TLS 1.3 support automatically:

  1. Ensure the JAVA_HOME environment variable points to the latest JDK version.
  2. Generate and import new certificates using the updated createNodeMgrCert and createAdminSvrCert scripts.
  3. Restart all Offline Mediation Controller components.

Manually Enabling TLS 1.3 Support

To manually enable TLS 1.3 support:

  1. Generate a new KeyStore using the keytool utility. If generated externally, you must use the latest JDK available.

    Note:

    DSA is not supported in TLS 1.3. Ensure that you use a compatible algorithm during certificate generation.
  2. Use a signature algorithm supported by TLS 1.3 during certificate generation.
  3. Load the newly generated KeyStore into the appropriate TrustStore.
  4. Restart all Offline Mediation Controller components.