Extend Exadata Cryptographic Policies
(Doc ID 2999495.1)
Last updated on JANUARY 24, 2024
Applies to:
Oracle Exadata Storage Server Software - Version 23.1.0.0.0 and later Information in this document applies to any platform.
Goal
Starting with Oracle Linux 8, cryptography is managed with system-wide cryptographic policies. These policies can be further extended with a policy module (pmod). Exadata incorporates a policy module to constrain insecure ciphers and algorithms. This document will explain how to make cryptography changes on an Exadata database server running OL8.
Configuring system-wide policy doesn't enforce behavior across the system. Any application that's not designed to use the system-wide policy continues to function according to the different policy configuration that it uses. Refer to Oracle Linux documentation for more information on the features and functions of cryptographic policies.
Customer-specific cryptographic policy modules are NOT re-enabled on Exadata update. After a system update, the user will need to manually re-enable their custom policy module, as described in step Re-enable the crypto policy below.
Solution
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
