A Simple Example of a TCPS Loopback Connection Using OpenSSL.
(Doc ID 262394.1)
Last updated on FEBRUARY 01, 2022
Applies to:
Advanced Networking Option - Version 9.2.0.4 to 11.2.0.3 [Release 9.2 to 11.2]Information in this document applies to any platform.
Purpose
To provide a complete example of enabling a TCPS SQLNet connection. This note is NOT intended to describe a secure SSL environment. The steps below are intended to enable reader to become familiar the steps required to configure a client server SQLNet connection using TCPS.
In a real time SSL environment it is not recommended to use a self signed certificated .
Also it is a best practice to test SSL setup between a client and server , instead of testing a loop back connection i.e using a same instance as both server and client.
Scope
The note has been written using OpenSSL provided with UnitedLinux 1.0 and 9.2.0.4 RDBMS. This note is valid for other database server versions .
In this note the client and server share the same ORACLE_HOME and therefore the same wallet. The connection only authenticates the database server.
If you have your own certficate authority such as Oracle Certificate Authority, OCA, replace the CA creation and certificate signing steps with the correct steps for your CA package or certficate provider.
Oracle's primary reference for SSL is the Oracle Advanced Security Administrator's Guide. This guide describes Oracle's SSL solution and configuration in greater detail, see Configuring Secure Sockets Layer
Authentication. The guide is available on the documentation CD and at:
http://download-west.oracle.com/docs/cd/B10501_01/network.920/a96573/asossl.htm#1004601
Details
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |