

However, all these features work with and apply to Transport Layer Security.įor example, suppose the WALLET_LOCATION parameter in sqlnet.ora is set as follows: (SOURCE=(METHOD=FILE)(METHOD_DATA= The names of cipher suites and the wording in error messages also use the SSL terminology. Many SSL parameters, such as SSL_SERVER_CERT_DN, use the older terminology. For example, the netmgr tool still uses the terms Secure Socket Layer and SSL.

#EM CLIENT SUPPORT SSL SOFTWARE#
The Oracle Database software still uses some of the older terminology. Where distinctions occur between how you use or configure these protocols, Oracle Database Security Guide specifies what is appropriate for either SSL or TLS. However, other documentation in the Oracle Database library may still use the earlier terms Secure Socket Layer and SSL. Oracle Database Security Guide uses the terms Transport Layer Security and TLS instead of Secure Sockets Layer and SSL since the Oracle Database has implemented TLS. Transport Layer Security (TLS) is an incremental version of Secure Sockets Layer (SSL) version 3.0.Īlthough SSL was primarily developed by Netscape Communications Corporation, the Internet Engineering Task Force (IETF) took over development of it, and renamed it Transport Layer Security (TLS). Oracle Database supports hardware security modules that use APIs that conform to the RSA Security, Inc., PKCS #11 specification. Configuring Your System to Use Hardware Security Modules.Oracle provides tools that enable you to validate certificates using certificate revocation lists. Certificate Validation with Certificate Revocation Lists.Troubleshooting the Transport Layer Security ConfigurationĬommon errors may occur while you use the Oracle Database SSL adapter.

You must configure Transport Layer Security on the server, and then the client. Transport Layer Security Connection with a Client Wallet.Transport Layer Security Connection without a Client WalletĪ Transport Layer Security (TLS) connection that uses a common root certificate for the database server does not require a client wallet.You should be aware of TLS usage issues, such as communication with other Oracle products and types of supported authentication and encryption methods. Oracle Database supports two application proxy-based and stateful packet inspection of firewalls. You can configure Oracle Database to use TLS concurrently with database user names and passwords, RADIUS, and Kerberos. Transport Layer Security Combined with Other Authentication Methods.Public Key Infrastructure in an Oracle EnvironmentĪ public key infrastructure (PKI) is a substrate of network components that provide a security underpinning, based on trust assertions, for an entire organization.When a network connection over Transport Layer Security is initiated, the client and server perform a TLS handshake before performing the authentication. How Transport Layer Security Works in an Oracle Environment: The TLS Handshake.

Transport Layer Security works with the core Oracle Database features such as encryption and data access controls. How Oracle Database Uses Transport Layer Security for Authentication.Netscape Communications Corporation designed Transport Layer Security (TLS), previously called Secure Sockets Layer (SSL), to secure network connections. Transport Layer Security and Secure Sockets Layer.
