Enabling SSL
Configuring Secure Sockets Layer Authentication
7-25
(SECURITY=
(SSL_SERVER_CERT_DN="cn=finance,cn=OracleContext,c=us,o=acme"))
The client uses this information to obtain the list of DNs it expects for each of
the servers, enforcing the server's DN to match its service name.
Example 7–1
shows an entry for the
Finance
database in the
tnsnames.ora
file.
Alternatively, the administrator can ensure that the common name (CN) portion
of the server's DN matches the service name.
2.
Also in the client
tnsnames.ora
file, enter
tcps
as the
PROTOCOL
in the
ADDRESS
parameter. This specifies that the client will use TCP/IP with SSL to
connect to the database that is identified in the
SERVICE_NAME
parameter.
Example 7–1
also shows an entry that specifies TCP/IP with SSL as the
connecting protocol in the
tnsnames.ora
file.
3.
In the
listener.ora
file, enter
tcps
as the
PROTOCOL
in the
ADDRESS
parameter.
Example 7–2
shows an entry that specifies TCP/IP with SSL as the
protocol.
Example 7–1
Sample tnsnames.ora File with Server Certificate DN and TCP/IP with
SSL Specified
finance=
(DESCRIPTION=
(ADDRESS_LIST=
(ADDRESS= (PROTOCOL = tcps) (HOST = finance_server) (PORT = 1575)))
(CONNECT_DATA=
(SERVICE_NAME= Finance.us.acme.com))
(SECURITY=
(SSL_SERVER_CERT_DN="cn=finance,cn=OracleContext,c=us,o=acme"))
Example 7–2
Sample listener.ora File with TCP/IP with SSL Specified as the Protocol
LISTENER=
(DESCRIPTION_LIST=
(DESCRIPTION=
(ADDRESS= (PROTOCOL = tcps) (HOST = finance_server) (PORT = 1575))))
Step 3: Specify Required Client SSL Configuration (Wallet Location)
Use Oracle Net Manager to specify required configuration parameters for the client
(See
"Starting Oracle Net Manager"
on page 2-2):
Summary of Contents for Database Advanced Security 10g Release 1
Page 17: ...xvii ...
Page 20: ...xx ...
Page 24: ...xxiv ...
Page 42: ...xlii ...
Page 44: ......
Page 102: ......
Page 124: ......
Page 246: ...Managing Certificates 8 28 Oracle Database Advanced Security Administrator s Guide ...
Page 284: ......
Page 384: ......
Page 414: ...Physical Security D 6 Oracle Database Advanced Security Administrator s Guide ...
Page 518: ...Index 10 ...