How to Restrict the Lsnrctl Utility to Communicate with the Listener Using ONLY the TCPS Protocol
Last updated on JULY 03, 2017
Applies to:Oracle Net Services - Version 22.214.171.124 and later
Information in this document applies to any platform.
This document is limited in scope to a scenario where the following listener.ora file parameter is set: TCPS: SECURE_CONTROL_
Following the addition of the following listener.ora file parameter, the lsnrctl utility can no longer issues administrative commands against
the listener process.
Listener.ora file has been modified to use:
Lsnrctl stop/status/services may yield the following errors:
$ lsnrctl stop LISTENER
LSNRCTL for Solaris: Version 126.96.36.199.0 - Production on 17-MAY-2017 13:50:42
Copyright (c) 1991, 2014, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1521))) TNS-12564: TNS:connection refused <<<<<refused due to parameter SECURE_CONTROL_LISTENER=TCPS TNS-01194: The listener command did not arrive in a secure transport Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS)(HOST=myhost)(PORT=1522))) ORA-28759: failure to open file TNS-12560: TNS:protocol adapter error TNS-00540: SSL protocol adapter failure
The listener.ora file setting for SECURE_CONTROL_listener name may have been added recently or it has been changed to use SSL or the TCPS recently.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms