Configuring SSL for Client Authentication and Encryption With Self Signed Certificates On Both Ends Using orapki
(Doc ID 401251.1)
Last updated on FEBRUARY 05, 2024
Applies to:
Advanced Networking Option - Version 10.2.0.5 to 12.1.0.2 [Release 10.2 to 12.1]Oracle Net Services - Version 12.2.1.2.0 to 12.2.1.2.0 [Release 12.2]
Oracle Database - Enterprise Edition - Version 10.2.0.5 and later
Information in this document applies to any platform.
Purpose
The note has been written using Oracle Enterprise Linux 4.0 and 5.0, and Oracle RDBMS versions 10.2.0.5, 11.1.0.7,11.2.0.4 and 12.1.0.2 although the steps are generic and should apply to all platforms.
In this note the client and server are separate machines to help clarify which configuration is server side and which is client side. This connection authenticates both the server and the client.
This note uses the Oracle command line tool orapki to generate self signed certificates and to manipulate the wallets. Some of the steps could be done using Oracle Wallet Manager but this note will focus on using orapki.
Oracle's primary reference for SSL is the Oracle Advanced Security Administrator's Guide. This guide describes Oracle's SSL solution and configuration in greater detail, see Configuring Secure Sockets Layer Authentication. In versions 12c and later, you can find these details in the Security Guide.
Scope
This note is intended for use by Database Administrators.
Details
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Purpose |
Scope |
Details |
References |