Home » RDBMS Server » Security » Using "TCP/IP with SSL" protocol (Oracle 11g - Windows Server 2008)
Using "TCP/IP with SSL" protocol [message #608222] Mon, 17 February 2014 12:53 Go to next message
kiwiboy
Messages: 4
Registered: August 2012
Junior Member
Hello,

I have a Windows application which is using the Oracle 11g client (via the OraOleDB provider) to connect to an Oracle 11g database running on a dedicated server over the network.
We just provide the username, password and alias of the database and the application logs on to the database and retrieves the content of some tables in this database. The application is installed on multiple workstations over our network and we have defined the following tnsnames.ora as follows.
MY_DB =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = 10.10.10.20)(PORT = 1521))
    )
    (CONNECT_DATA =
      (SERVICE_NAME = MY_SID)
    )
  )


By doing the above, we are using the "default" behaviour of Oracle to establish a TCP/IP connection between the client and the server. I know that we can also use "TCP/IP with SSL" instead of the "TCP/IP" protocol used above.

Question:
If we want to use "TCP/IP with SSL" instead of the standard "TCP/IP" protocol, do I need to modify the application itself to connect to the database? I guess the answer is no and that I simply need to reconfigure the listener on the database server to support "TCP/IP with SSL" and the tnsnames.ora file on all workstations to point to the new listener configured with SSL.
Am I correct?

Many thanks.
Regards.
Re: Using "TCP/IP with SSL" protocol [message #608224 is a reply to message #608222] Mon, 17 February 2014 13:24 Go to previous messageGo to next message
Michel Cadot
Messages: 68624
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator

Instead of using SSL (which is somewhat difficult to configure and maintain) use Oracle native encryption which is very easy (5 minutes to do it), see Network Encryption.

Re: Using "TCP/IP with SSL" protocol [message #608228 is a reply to message #608224] Mon, 17 February 2014 14:17 Go to previous message
kiwiboy
Messages: 4
Registered: August 2012
Junior Member
Hi,

Thanks a lot for your swift response.

Ok, so in this case, this means that no modifications have to be made directly in the application (I mean in the OraOLEDB connection string) but only in the sqlnet.ora file on both the clients and the server. I'll give it a go.

Thanks again for your help Smile .
Regards.
Previous Topic: Oracle Vault and sqlplus
Next Topic: Reset Database vault owner password
Goto Forum:
  


Current Time: Thu Mar 28 08:39:21 CDT 2024