Enabling FIPS mode for TLS / SSL does not allow the listener to start. Either core dump (crash) or TNS-12537 or TNS-00543. (Doc ID 2884060.1)

Last updated on APRIL 17, 2023

Applies to:

Oracle Database - Enterprise Edition - Version 19.3.0.0.0 and later
Information in this document applies to any platform.

Symptoms

When enabling fips for SSL by putting entering data in the fips.ora file, the TCPS Listener fails to start.
You are following the steps in the Admin Guide:
Security Guide:
E.3.1 Configuring the SSLFIPS_140 and SSLFIPS_LIB Parameters for Transport Layer Security

Depending on the parameter, this results in different errors / conditions.
Below are example files and values.

1a) The fips.ora file (located in the $ORACLE_HOME/ldap/admin which is the default):

Changes

Attempting to enable FIPS 140-2 for TLS / SSL use.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Enabling FIPS mode for TLS / SSL does not allow the listener to start. Either core dump (crash) or TNS-12537 or TNS-00543. (Doc ID 2884060.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!