The Oracle database product supports SSL/TLS connections in its standard edition (since 12c). The Secure Sockets Layer (SSL) protocol provides network-level authentication, data encryption, and data integrity. When a network connection over SSL is initiated, the client and server perform a handshake that includes:
· Negotiating a cipher suite for encryption, data integrity, and authentication.
· Authenticating the client by validating its certificate
· Authenticating the server by verifying that its Distinguished Name (DN) is expected.
· Client and server exchange key information using public key cryptography.
To establish an SSL connection, the Oracle database sends its certificate, which is stored in a wallet. Therefore, on the server, the configuration requires a wallet. On the client, the JDBC thin driver can use different formats to store the client’s certificate and key. For example, JKS, Wallet, or PKCS12.
This document provides details about the steps to establish an SSL connection over TLSv1.2 using the JDBC thin driver with Oracle wallet having storetype as SSO with OraclePKIProvider.
Topics:
· Configure to Connect OFSAA to the Oracle Database Using a Secure Database Connection (TCPS)
For the documentation, see the Configurations for Connecting OFSAA to Oracle Database using Secure Database Connection (TCPS) section in the OFS Analytical Applications Infrastructure Administration Guide.