The coming TLS-pocalypse? | Robert Gideon's EPM Blog

On Friday, June 6, 2025, the June (25.06) update will be released. Since at least April, Oracle has been communicating that TLS 1.2 will be deprecated in favor of TLS 1.3. Transport Layer Security is used to encrypt data transfers between computers, like between your company laptop and the Oracle EPM Cloud server. TLS 1.3 has stronger encryption algorithms to safeguard that data so it makes sense that we need to update to the later standard.

Browsers have supported TLS 1.2 and 1.3 for quite some time, so no worries there. There is some ambiguity in Oracle’s statement that causes me some concern, though. In the June Update, we have the following:

Transport Layer Security (TLS) protocol version 1.2 is no longer used for connections to Oracle Fusion Cloud EPM environments; all connections are made over TLS 1.3 only. This change requires you to use a browser that supports TLS 1.3. Additionally, you need to ensure that the operating system and EPM Clients (such as EPM Automate, Smart View, and EPM Agent) that you use support TLS 1.3. The newest version of EPM Clients, and many previous versions, already support TLS 1.3.
If you integrate on-premises EPM instances with Fusion Cloud EPM using Financial Data Quality Management Enterprise Edition (FDMEE), make sure to use FDMEE version 11.2.7 or newer because older versions do not support TLS 1.3.

Over the last 15 years, I think 80% or more of my work at customers has been done on Windows client machines and servers. Many times, customers have implemented their corporate standard OS version which might not be the latest available at the time of installation. Given that information, the third sentence of the Oracle Update notes seems to indicate that the OS also needs to support TLS 1.3.

After searching on some Microsoft sites, it seems that the only flavors of Windows to support TLS 1.3 are Windows 11 and Windows Server 2022. The concern is that customers who sometimes are a little slower to adopt new technology may experience issues trying to integrate with EPM Cloud products if they are on Windows 10 or older Windows Server versions that don’t support TLS 1.3. Customers who use FDMEE on-premises instead of the EPM Integration Agent still will also want to ensure their FDMEE has been upgraded to at least 11.2.7.

We will see what happens Friday night. Hopefully it’s as non-eventful as my New Year’s Eve in 1999.

Robert Gideon's EPM Blog

Oracle EPM musings from a consultant in the field.

Leave a ReplyCancel reply

Share this:

Like this:

Related

Leave a ReplyCancel reply

Discover more from Robert Gideon's EPM Blog