My Oracle Support Banner

Database Gateway for DRDA Gateway (DG4DRDA) Connection fails when using TLS 1.2 (Doc ID 2508404.1)

Last updated on OCTOBER 04, 2019

Applies to:

Oracle Database Gateway for DRDA - Version 12.1.0.2 to 12.1.0.2 [Release 12.1]
Information in this document applies to any platform.

Symptoms

You are using Database Gateway for DRDA (DG4DRDA) version 12.1.x to connect to DB2 configured to use TLS v1.1
DB2 instances now require TLS v1.2 connectivity. The DRDA SSL encryption parameters no longer work producing the following error:

ORA-28500: connection from ORACLE to a non-Oracle system returned this message:
[Oracle][ODBC DB2 Wire Protocol driver]SSL Handshake Failure reason [error:140A4044:SSL routines:SSL_clear:internal error][error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:abcd alert protocol version]. {08001,NativeErr = 7570}
ORA-02063: preceding 2 lines from <DBLINK>
28500. 00000 - "connection from ORACLE to a non-Oracle system returned this message:"
*Cause: The cause is explained in the forwarded message.
*Action: See the non-Oracle system's documentation of the forwarded

You have the following parameters set:
HS_FDS_ENCRYPT_SESSION=SSL
HS_FDS_TRUSTSTORE_PASSWORD=*
HS_FDS_TRUSTSTORE_FILE=/opt/oracle/product/12.1.0.2/gateways/trust/CA_root.p12

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.