How to Restrict the Lsnrctl Utility to Communicate with the Listener Using ONLY the TCPS Protocol
(Doc ID 2280787.1)
Last updated on NOVEMBER 20, 2018
Applies to:Oracle Net Services - Version 220.127.116.11 and later
Advanced Networking Option - Version 18.104.22.168 and later
Oracle Database - Enterprise Edition - Version 22.214.171.124 and later
Information in this document applies to any platform.
This document is limited in scope to a scenario where the following listener.ora file parameter is set: TCPS: SECURE_CONTROL_
Following the addition of the following listener.ora file parameter, the lsnrctl utility can no longer issues administrative commands against
the listener process.
Listener.ora file has been modified to use:
Lsnrctl stop/status/services may yield the following errors:
$ lsnrctl stop LISTENER
LSNRCTL for Solaris: Version 126.96.36.199.0 - Production on 17-MAY-2017 13:50:42
Copyright (c) 1991, 2014, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1521))) TNS-12564: TNS:connection refused <<<<<refused due to parameter SECURE_CONTROL_LISTENER=TCPS TNS-01194: The listener command did not arrive in a secure transport Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS)(HOST=myhost)(PORT=1522))) ORA-28759: failure to open file TNS-12560: TNS:protocol adapter error TNS-00540: SSL protocol adapter failure
The listener.ora file setting for SECURE_CONTROL_listener name may have been added recently or it has been changed to use SSL or the TCPS recently.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document