My Oracle Support Banner

GDS/GSM CAN ONLY USES RC4_256 TYPE ENCRYPTION Without Enhancement (Doc ID 2614093.1)

Last updated on JULY 20, 2024

Applies to:

Oracle Database - Enterprise Edition - Version 12.2.0.1 to 20.1 Preview [Release 12.2 to 20.0]
Information in this document applies to any platform.

Goal

GDS configuration only works with RC4_256 type encryption without enhancement. However, the document below shows only AES type encryptions are available:

https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/data-encryption-and-integrity-parameters.html#GUID-0CF92061-B677-4280-8B18-BE141DE0110F

SQLNET.ENCRYPTION_TYPES_SERVER

Syntax

SQLNET.ENCRYPTION_TYPES_SERVER = (valid_encryption_algorithm [,valid_encryption_algorithm])

Valid Values

AES256: AES (256-bit key size)

AES192: AES (192-bit key size)

AES128: AES (128-bit key size)

SQLNET.ENCRYPTION_TYPES_CLIENT

Syntax

SQLNET.ENCRYPTION_TYPES_CLIENT = (valid_encryption_algorithm [,valid_encryption_algorithm])

Valid Values

AES256: AES (256-bit key size).

AES192: AES (192-bit key size).

AES128: AES (128-bit key size).

 

GDS configuration does not work with the encryption type below in sqlnet.ora file.

SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)

SQLNET.ENCRYPTION_TYPES_CLIENT=(AES256,AES192,AES128)

 

If you add RC4_256 to the above encrytion type, GDS configuration works. for example,

SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)

SQLNET.ENCRYPTION_TYPES_CLIENT=(AES256,AES192,AES128,RC4_256)

 

However RC4_256 is not acceptable for some customer.
We need to keep AES standard for GDS.

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.