SSLHandshakeException During ECC Application Import (TLS EBS)

The `SSLHandshakeException` typically indicates a certificate trust issue, specifically when the EBS instance is TLS enabled and the application importer script cannot validate the SSL connection. It is critical to ensure that when EBS is TLS enabled, all configuration steps regarding outbound connections are properly completed, not just the inbound configuration. You need to carefully review section 5.3, ‘Configure Loopback and Outbound Connections,’ in Oracle Support Document 1367293.1, ‘Enabling TLS in Oracle E-Business Suite Release 12.2’, because this section is frequently overlooked when inbound TLS is configured.

While I don’t have a specific document dedicated solely to self-signed certificates in the context of ECC import here, if you are running EBS with a self-signed certificate, you must ensure that the EBS certificate is correctly imported into the relevant JDK keystores used by the EBS application tier. Skipping the loopback and outbound configuration (Doc ID 1367293.1, section 5.3) often leads to issues during the import stage, as the EBS application tier needs to trust its own hostname and certificate when communicating externally, or in this case, sending the application files to ECC. You might also find helpful information in the blog post about configuring TLS for ECC.

The ECC WEB ENTRY URL shown during the execution of `patchEccFiles.pl` is expected to point back to the EBS instance, typically showing the EBS middle-tier hostname and port (e.g., `http://demo.enginatics.com:80/ecc`). This is because the EBS application server is initiating the import process and communicating the target URL. The import process uses the EBS instance as the gateway to deploy the zipped application files (like `ap_ecc.zip`) which the EBS server retrieves and sends to the ECC application. Once the files are successfully imported, the resulting summary report should show ‘Success’ for all applications attempted, such as AP, AR, FA, and OKL.

Yes, a ‘Proxy Error’ encountered when accessing the EBS HTTPS URL (e.g., `https://EBSserver.abc.com:443/ecc`) suggests a problem in how the OHS (Oracle HTTP Server) is configured to handle the request redirection or proxying to the ECC managed server. After running AutoConfig on EBS, you should verify that the OHS configuration file (`ecc.conf`) contains a proper `RewriteRule` directing the `/ecc` path on EBS to the ECC managed server URL, which ensures seamless integration. If AutoConfig ran correctly, but the proxy error persists, you should check the OHS log files and confirm the directory structure for the TLS certificate keystores, which is typically found under `[s_ohs_instance_loc]/config/OHS/[s_ohs_component]/keystores/default`.