Issue configuring Oracle database for SSL

Posted by Santhosha Kaldambe on Server Fault See other posts from Server Fault or by Santhosha Kaldambe
Published on 2010-03-29T06:17:22Z Indexed on 2010/03/29 6:23 UTC
Read the original article Hit count: 668

Filed under:
|

Hello,

I want to setup Oracle for SSL communication. I am not using SSL authentication for database user. As first requirement, generated self signed certificate using OpenSSL and added certificate to wallet. The wallet location is specified in server configuration. Created listener and it is starting however it does not provide any service. The default listener (non SSL) is working fine.

When I execute LSNRCTL.EXE status SSLLISTENER it gives below output.

STATUS of the LISTENER

Alias SSLLISTENER

Version TNSLSNR for 32-bit Windows: Version 11.1.0.6.0 -

Production Start Date 14-NOV-2009 01:47:08

Uptime 16 days 22 hr. 14 min. 3 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File
C:\app\Administrator\product\11.1.0\db_1\network\admin\listener.ora

Listener Log File
c:\app\administrator\diag\tnslsnr\\ssllistener\alert\log.xml

Listening Endpoints Summary... (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=)(PORT =2484)))

The listener supports no services

The command completed successfully

Here is exact content of various files after configuration. 1) File Name: tnsnames.ora ORCL = (DESCRIPTION = (ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP)(HOST = )(PORT

1521)) ) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = orcl) ) )

2) File Name: sqlnet.ora

SSL_VERSION = 0 NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT) sqlnet.authentication_services= (NONE) tcp.validnode_checking = no tcp.invited_nodes=(PS0803.oraebs.com,PS2948,PS5098) SSL_CLIENT_AUTHENTICATION = FALSE

WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = C:\app\Administrator\admin\orcl\Server_Wallet) ) )

3) File Name: listener.ora

SSL_CLIENT_AUTHENTICATION = FALSE

WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = C:\app\Administrator\admin\orcl\Server_Wallet) ) )

LISTENER = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521)) ) (DESCRIPTION =

(ADDRESS = (PROTOCOL = TCP)(HOST = )(PORT

1521)) ) )

SSLLISTENER = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCPS)(HOST = )(PORT = 2484)) )

Thanks

Santhosh

© Server Fault or respective owner

Issue configuring Oracle database for SSL

Posted by Santhosha on Stack Overflow See other posts from Stack Overflow or by Santhosha
Published on 2010-03-29T06:19:59Z Indexed on 2010/03/29 6:23 UTC
Read the original article Hit count: 668

Filed under:
|

Hello,

I want to setup Oracle for SSL communication. I am not using SSL authentication for database user. As first requirement, generated self signed certificate using OpenSSL and added certificate to wallet. The wallet location is specified in server configuration. Created listener and it is starting however it does not provide any service. The default listener (non SSL) is working fine.

When I execute LSNRCTL.EXE status SSLLISTENER it gives below output.

STATUS of the LISTENER

Alias SSLLISTENER

Version TNSLSNR for 32-bit Windows: Version 11.1.0.6.0 -

Production Start Date 14-NOV-2009 01:47:08

Uptime 16 days 22 hr. 14 min. 3 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File
C:\app\Administrator\product\11.1.0\db_1\network\admin\listener.ora

Listener Log File
c:\app\administrator\diag\tnslsnr\\ssllistener\alert\log.xml

Listening Endpoints Summary... (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=)(PORT =2484)))

The listener supports no services

The command completed successfully

Here is exact content of various files after configuration.

1) File Name: tnsnames.ora ORCL = (DESCRIPTION = (ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP)(HOST = )(PORT

1521)) ) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = orcl) ) )

2) File Name: sqlnet.ora

SSL_VERSION = 0 NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT) sqlnet.authentication_services= (NONE) tcp.validnode_checking = no tcp.invited_nodes=(PS0803.oraebs.com,PS2948,PS5098) SSL_CLIENT_AUTHENTICATION = FALSE

WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = C:\app\Administrator\admin\orcl\Server_Wallet) ) )

3) File Name: listener.ora

S

SL_CLIENT_AUTHENTICATION = FALSE

WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = C:\app\Administrator\admin\orcl\Server_Wallet) ) )

LISTENER = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521)) ) (DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = )(PORT

1521)) ) )

SSLLISTENER = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCPS)(HOST = )(PORT = 2484)) )

Thanks

Santhosh

© Stack Overflow or respective owner

Related posts about Oracle

Related posts about ssl