Overview of SSL in Oracle Applications 11i

Today I am going to cover overview of SSL & various components of oracle Apps in which you can configure SSL.

If you encounter any Issues or got any doubts w.r.t. Oracle Applications create a Thread in Oracle Apps Forum at http://teachmeoracle.com/forum

What is SSL ?
SSL stands for Secure Socket Layer which is protocol developed by Netscape. Data Transferred between Server & Client is Secured (Encrypted)

Why I need a SSL in Oracle Applications ?
Usually data transmitted between client machine & server (Web Server on http protocol & Forms Server on Sockets ) is clear text packets. Any one can put Packet Sniffer between Client machine & Server & can open & read all data transaction between your machine & Server (If he/she has network access) Hacker can get your Username/Password or any sensitive data. This become critical when you have Internet access to Oracle Applications 11i (Usually Self Service Implementation)

Where I need to configure SSL in Apps ?
Communication between Client & Oracle Applications happen via three components.
Oracle Web Server (Initial Connection & all self service access is via Web Server/Apache). If your Form Server is in servlet Mode then Core Applications are also accessed via Web Server (Jserv Component)
Oracle Form Server : For Core Oracle Application Access (Forms)
Database : You access web server which in turn talks to database Server via UTL_HTTP package via dad (/pls/$SID)

So You enable SSL on particular component depending on your requirement & component which is accessible over Internet & should be secured. You can Implement across all three component or only one or any two.

What is common deployment for Internet Facing Oracle Applications ?
Though you can configure SSL for Web, Forms & database for extra Security but Usually most prone & Internet facing component is Web Server (For Self Service Applications) so common trend is to Enable SSL between Client Machine & Web Server (Apache) in Oracle Applications.

What will happen w.r.t. Data communication after enabling SSL ?
By default you access Applications over HTTP (Hyper Text Transfer Protocol) but after enabling SSL on web server you will access via HTTPS (Secure) . Data will be encrypted at one end & decrypted at other end.

More on
How Data Encryption Happens ….
Is there any performance overheads ….
What is openssl & oracle Wallets …
How to configure SSL in Oracle Apps 11i …
and lot more on SSL coming in Next Post

Those of you who want to raise questions/doubts problems , can now do same via Forum http://teachmeoracle.com/forum (Dedicated to Apps DBA, for Fast Response from some of Best Apps DBA’s). Check others doubts & you can answer them.

Share This Post with Your Friends over Social Media!

About the Author Atul Kumar

Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.

follow me on:

Leave a Comment:

www.2x2successteam.com says September 13, 2012

Great info. Lucky me I recently found your site by accident (stumbleupon).
I’ve book marked it for later!

Vishal says November 10, 2014


I am using R12 and tring to connect one supplier but I am getting “java.io.IOException: java.io.IOException: javax.net.ssl.SSLException: SSL handshake failed: SSLSessionNotFoundErr
” error.
We already implement punchout for 3 supplier but for this supplier we are getting an issue.
Please help me in this.Its bit urgent for me we have our milestone this wkend.


Add Your Reply