Saturday, March 31, 2012

How to setup secure database connection???

To use encryption for connection modify sqlnet.ora and add below lines :-


To confirm if encryption is working enable client level trace with value higher than 10 by adding below lines in sqlnet.ora

trace_level_client = 16
trace_unique_client = on
trace_directory_client = D:\oracle\network\trace

Check trace file :-

If encryption is active :-

[24-OCT-2006 10:00:32:087] na_tns: encryption is active, using RC4_256

If encryption is not active it will instead look like:

[24-OCT-2006 10:07:34:707] na_tns: encryption is not active

In my trace extract from my trace file :-

[28-MAR-2012 18:12:20:638] naeecom: The server chose the 'RC4_256' encryption algorithm
[28-MAR-2012 18:12:20:638] naeecom: exit
[28-MAR-2012 18:12:20:638] naeccom: entry
[28-MAR-2012 18:12:20:638] naeccom: The server chose the 'MD5' crypto-checksumming algorithm
[28-MAR-2012 18:12:20:638] naeccom: exit
[28-MAR-2012 18:12:20:638] na_tns: entry
[28-MAR-2012 18:12:20:638] na_tns: Secure Network Services is available.
[28-MAR-2012 18:12:20:638] nau_adi: entry
[28-MAR-2012 18:12:20:638] nau_adi: exit
[28-MAR-2012 18:12:20:638] na_tns:  authentication is not active
[28-MAR-2012 18:12:20:638] na_tns:  encryption is active, using RC4_256
[28-MAR-2012 18:12:20:638] na_tns:  crypto-checksumming is active, using MD5
[28-MAR-2012 18:12:20:638] na_tns: exit
[28-MAR-2012 18:12:20:638] na_coco: exit
[28-MAR-2012 18:12:20:638] naconnect: exit
[28-MAR-2012 18:12:20:638] nsnafinishconn: entry
[28-MAR-2012 18:12:20:638] nagetctxinfo: entry
[28-MAR-2012 18:12:20:638] nagetctxinfo: exit
[28-MAR-2012 18:12:20:638] nsnafinishconn: normal exit
[28-MAR-2012 18:12:20:638] nsnadoconn: normal exit
[28-MAR-2012 18:12:20:638] nsnaconn: normal exit
[28-MAR-2012 18:12:20:638] nscall: normal exit
[28-MAR-2012 18:12:20:638] niotns: niotns: passing ns handle back up...

No comments:

Post a Comment