8 Replies Latest reply: Aug 5, 2014 7:14 AM by CycleGeek RSS

    Encrypting Connections

    CycleGeek

      I am running Oracle 11.2.0.3 and I need to provide support for both unencrypted and encrypted connections.  Unencrypted connections is configured and working fine, but I need to add support for encrypted connections.

       

      I would like to use Oracle Advanced Security to do this as it seems fairly simple.  Am I correct when I say that I'll need to setup another listener on a different port if I want these connections to be required to use encryption while still maintaining the ability to accept unencrypted connections on the currently configured listener?

       

      Thanks,

      Mark

        • 1. Re: Encrypting Connections
          sol.beach

          CycleGeek wrote:

           

          I am running Oracle 11.2.0.3 and I need to provide support for both unencrypted and encrypted connections.  Unencrypted connections is configured and working fine, but I need to add support for encrypted connections.

           

          I would like to use Oracle Advanced Security to do this as it seems fairly simple.  Am I correct when I say that I'll need to setup another listener on a different port if I want these connections to be required to use encryption while still maintaining the ability to accept unencrypted connections on the currently configured listener?

           

          Thanks,

          Mark

           

          what flavor of client needs to be supported with "encrypted" connection?

           

          single listener can listen on multiple ports concurrently.

          • 2. Re: Encrypting Connections
            JustinCave

            If you want one listener that requires encrypted connections and another that doesn't support encrypted connections, then yes, you'd need a second listener.

             

            Normally, though, you'd simply configure your single listener to allow but not require encryption.  Clients that support encryption would create encrypted connections, clients that do not would create unencrypted connections.  I'm not sure what benefit you'd derive from having two separate listeners.

             

            Justin

            • 3. Re: Encrypting Connections
              CycleGeek

              These would be jdbc connections.  And I believe I need two listeners because the connections coming in that need encryption are required to use encryption, it's not optional.

              • 4. Re: Encrypting Connections
                sol.beach

                CycleGeek wrote:

                 

                These would be jdbc connections.  And I believe I need two listeners because the connections coming in that need encryption are required to use encryption, it's not optional.

                 

                 

                Is this a 3-tier application; like below

                 

                EndUser<=>browser<=>WebServer<=>ApplicationServer<=>DatabaseServer

                • 5. Re: Encrypting Connections
                  Girish Sharma

                  I think you will get below link helpful :

                  Configuring Network Data Encryption

                  Or

                  below doc link:

                  Configuring Network Data Encryption and Integrity for Oracle Servers and Clients

                   

                  Regards

                  Girish Sharma

                  • 6. Re: Encrypting Connections
                    sybrand_b

                    No you are not correct.

                    Single listener supports both TCP and TCPS

                     


                    Sybrand Bakker

                    Senior Oracle DBA

                    • 7. Re: Encrypting Connections
                      CycleGeek

                      sol.beach wrote:

                       

                      CycleGeek wrote:

                       

                      These would be jdbc connections.  And I believe I need two listeners because the connections coming in that need encryption are required to use encryption, it's not optional.

                       

                       

                      Is this a 3-tier application; like below

                       

                      EndUser<=>browser<=>WebServer<=>ApplicationServer<=>DatabaseServer

                      Yes it is.

                      • 8. Re: Encrypting Connections
                        CycleGeek

                        sybrand_b wrote:

                         

                        No you are not correct.

                        Single listener supports both TCP and TCPS

                         


                        Sybrand Bakker

                        Senior Oracle DBA

                         

                        But it must be configured to listen on two different ports correct?