TLS 1.1 Deprecation for Eloqua and Content Marketing (Jan 2019)
Oracle Eloqua and Content Marketing will be deprecating TLS 1.1 on January 18, 2019. Oracle will be removing support for the TLS 1.1 protocol for all inbound connections.
Oracle is updating Eloqua and Content Marketing’s application security mechanisms to meet modern security requirements. On January 18, 2019 Eloqua and Content Marketing will no longer allow inbound connections using the TLS 1.1 protocol. Eloqua and Content Marketing will continue to support inbound connections using the TLS 1.2 protocols.
Application access for users via the Eloqua and Content Marketing UI: all browsers supported by Eloqua and Content Marketing also include support for TLS 1.2. No action is required provided a supported browser is in use.
API and Apps access: verify that all applications accessing Eloqua and/or Content Marketing, including custom apps, support TLS 1.2. If your application does not support TLS 1.2 it will not be allowed to establish a connection to Eloqua or Content Marketing. In the event that your application does not use TLS 1.2 it will need to be updated to allow connections via a supported protocol.
There are several publicly available tools to test security protocol details, please reference documentation provided by maker of the libraries your custom application use.
January 18, 2019: Oracle will be ending support for the TLS 1.1 protocols. TLS 1.2 will remain supported.
Q: Why is TLS 1.1 being deprecated?
A: Oracle wants to provide the most secure applications. Vulnerabilities have been identified in TLS 1.1, therefore it will removed from service.
Q: How can I verify if my applications will still work properly after deprecation?
A: There are several public and free SSL testing/reporting suites available. Also, documentation for web browsers and application programming interfaces (APIs) typically highlight supported security protocols and cipher suites.
Q: When is this taking affect?
A: On January 18, 2019. Please visit the Eloqua release center on Topliners for information and updates: https://community.oracle.com/docs/DOC-895287
Q: Does this affect outbound connections initiated by Eloqua?
A: No. Removing support for TLS 1.1 will be effective for inbound connections to Eloqua and Content Marketing only.
Q: Will my CRM integration be affected?
A: No. Outbound connections initiated by Eloqua will still allow the use of TLS 1.1. If TLS 1.1 is the only protocol available, it is recommended to upgrade to a version that supports at least TLS 1.2.
Q: Does this affect Email TLS?
A: No. This change is for inbound connections to Eloqua only.