ORA-00542: Failure during SSL handshake

user4784967

Hello,

I have to change my c# project the Oracle-Database access by SSL (wallet). 

I get the certificate for the wallet and create the wallet by myself:

orapki wallet create -wallet walletpath -pw PASSWORT -auto_login

orapki wallet add -wallet walletpath -trusted_cert -cert certificate.pem

mkstore -wrl walletpath -createCredential tnsalias username password

Without SSL all works fine. But with SSL and a wallet I get the error "ORA-00542" (see the Oracle trace file). It sounds like a problem with the certificate. Is the certificate wrong or the creation of the wallet?

I have tried ODP.NET 21.6.1 and 19.5.1 (Oracle.ManagedDataAccess)

Thanks for any help

OracleTrace.txt

Alex Keh-Oracle

It looks like the inner exception is reporting "The remote certificate is invalid according to the validation procedure" as translated from German.

The ODP.NET doc has some step-by-instructions for setting up SSL configuration, which I linked to below. Further down in the same documentation section, there are some ODP.NET SSL troubleshooting recommendations.

https://docs.oracle.com/en/database/oracle/oracle-database/21/odpnt/featConnecting.html#GUID-3B4B12E5-767F-4956-A3E4-EBD501A5365C

user4784967

I had already found this website and I have tested different configuration. Any other idea?

Alex Keh-Oracle

You got an untrusted root error.

Can you try adding that CA pub certificate to the root/localmachine store? You should also try removing the following from app.config AND sqlnet.ora:

SSL_SERVER_DN_MATCH : ON

SSL_CIPHER_SUITES : (SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_256_CBC_SHA256)

If you still see an error after these changes, please provide the trace.

Are you trying to connect to Oracle Autonomous DB with a wallet or with one-way TLS?