My Oracle Support Banner

Enabling FIPS mode for TLS / SSL does not allow the listener to start. Either core dump (crash) or TNS-12537 or TNS-00543. (Doc ID 2884060.1)

Last updated on JULY 18, 2022

Applies to:

Oracle Database - Enterprise Edition - Version 19.3.0.0.0 and later
Information in this document applies to any platform.

Symptoms

When enabling fips for SSL by putting entering data in the fips.ora file, the TCPS Listener fails to start.
You are following the steps in the Admin Guide:
Security Guide:
E.3.1 Configuring the SSLFIPS_140 and SSLFIPS_LIB Parameters for Transport Layer Security



Depending on the parameter, this results in different errors / conditions.
Below are example files and values.


1a) The fips.ora file (located in the $ORACLE_HOME/ldap/admin which is the default):






Changes

 Attempting to enable FIPS 140-2 for TLS / SSL use.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.