Table of Contents
Advertisement
(SECURITY=
(SSL_SERVER_CERT_DN="cn=finance,cn=OracleContext,c=us,o=acme"))
The client uses this information to obtain the list of DNs it expects for each of
the servers, enforcing the server's DN to match its service name.
shows an entry for the Finance database in the tnsnames.ora file.
Alternatively, the administrator can ensure that the common name (CN) portion
of the server's DN matches the service name.
Also in the client tnsnames.ora file, enter tcps as the PROTOCOL in the
2.
ADDRESS parameter. This specifies that the client will use TCP/IP with SSL to
connect to the database that is identified in the SERVICE_NAME parameter.
Example 7–1
also shows an entry that specifies TCP/IP with SSL as the
connecting protocol in the tnsnames.ora file.
In the listener.ora file, enter tcps as the PROTOCOL in the ADDRESS
3.
parameter.
Example 7–2
protocol.
Example 7–1 Sample tnsnames.ora File with Server Certificate DN and TCP/IP with
SSL Specified
finance=
(DESCRIPTION=
(ADDRESS_LIST=
(ADDRESS= (PROTOCOL = tcps) (HOST = finance_server) (PORT = 1575)))
(CONNECT_DATA=
(SERVICE_NAME= Finance.us.acme.com))
(SECURITY=
(SSL_SERVER_CERT_DN="cn=finance,cn=OracleContext,c=us,o=acme"))
Example 7–2 Sample listener.ora File with TCP/IP with SSL Specified as the Protocol
LISTENER=
(DESCRIPTION_LIST=
(DESCRIPTION=
(ADDRESS= (PROTOCOL = tcps) (HOST = finance_server) (PORT = 1575))))
Step 3: Specify Required Client SSL Configuration (Wallet Location)
Use Oracle Net Manager to specify required configuration parameters for the client
(See
"Starting Oracle Net Manager"
shows an entry that specifies TCP/IP with SSL as the
on page 2-2):
Configuring Secure Sockets Layer Authentication 7-25
Enabling SSL
Example 7–1
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the Oracle Database B10772-01 and is the answer not in the manual?