My Oracle Support Banner

Support Of SSL And Oracle Native Network Encryption (NNE) On The Same Instance For Enabling FIPS140 (Doc ID 2833084.1)

Last updated on JANUARY 10, 2022

Applies to:

Advanced Networking Option - Version 19.10.0.0.0 and later
Information in this document applies to any platform.

Goal

Is SSL supported and a valid configuration to be used with Oracle NNE (Oracle native network encryption) and if that config will be considered FIPS140-2 compatible?

As per AWS support: NNE and SSL are not compatible in the AWS RDS instance. Kindly refer to the notes section in the link [1].

Use of parameters "SQLNET.ENCRYPTION_SERVER" and " SQLNET.ENCRYPTION_TYPES_SERVER" which are available in NNE with "SQLNET.FIPS_140=TRUE" which is supported in SSL. This could not be implemented in Oracle RDS.

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.SSL.html

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.