What do I need to do to prepare for protocol changes against Oracle Field Service's API URLs?
Oracle Field Service
Oracle migrated all Oracle Field Service customers' Service API calls to https://api.etadirect.com. In June 2016, Oracle also removed the following legacy SSL Protocols and Ciphers from the API URL's configuration profile:
- SSLv3 protocol
- RC4 ciphers
- TLS1.0 protocol
- TLS1.1 protocol
Oracle has identified and reached out to a number of customers who will be adversely affected by this change.
June 15, 2016: SSLv3 Protocol and RC4 cipher suite was removed from the URL https://api.etadirect.com.
June 23, 2016: TLS1.0 and TLS1.1 Protocols was removed from the URL https://api.etadirect.com.
Frequently Asked Questions prior to the migration:
Will these changes impact me?
While Oracle has tried to minimize the impact of these changes, customers who have not completed their SSLv3 and TLS1.0 remediation activities as announced in February 2016 will be adversely affected. Oracle notified customers on June 6, 2016 about the specific protocol or cipher suite that will impact Service API connectivity.
How can I be sure the changes will not impact me?
API client software and libraries should be up-to-date and utilize the TLS 1.2 protocol to support https://api.etadirect.com which will be delivered with a SHA256 certificate. Please submit a support ticket for assistance or to inquire specifically about your configuration.
Can I submit a ticket to avoid this change?
No - The API is a shared URL among customers and these changes are required to maintain the security posture of the shared system. The API URL is not considered to be within the scope of any customer-requested deferral or extension of legacy protocol use in their environment. Oracle Field Service customers in standard configurations should not be impacted by this change.
I received a notification that I will be impacted by this change. What do I need to do to avoid a service outage?
To avoid a service outage, submit a service request to Cloud Support for the API URL temporary workaround to be applied to your environment. This will require that you change the API URL to a temporary URL which will temporarily support the obsolete protocols. This temporary workaround will be provided to prolong connectivity until your client software is fully able to support the standard security configuration. More detailed instructions will be provided through the service request. Note that the use of this non-standard configuration will place your environment at greater security risk.
Will a rollback be available when the changes occur to the API URL?
No rollback is planned or available. https://api.etadirect.com will be available exclusively with TLS1.2. A temporary workaround can be provided to prolong connectivity until your client software is fully able to support the standard security configuration. However, choosing these non-standard configurations will place your environment at greater security risk. We strongly urge you to perform the necessary changes and return to the standard URL as soon as possible.