I can add specific connection properties (for connection pooling, etc.) with JDBC/thin connections from Java to Oracle by using
props.put("connectionPoolName", "ConnPool");
props.put("description", "UCP JNDI Connection Pool");
props.put("factory", "oracle.ucp.jdbc.PoolDataSourceImpl");
props.put("inactiveConnectionTimeout", "5");
props.put("user", "scott");
[...]
I can also use a context.xml for these settings, like:
description="UCP JNDI Connection Pool"
connectionFactoryClassName="oracle.jdbc.pool.OracleDataSource"
factory="oracle.ucp.jdbc.PoolDataSourceImpl"
inactiveConnectionTimeout="5"
user="scott"
So I tried setting Oracle 12 native encryption parameters in context.xml in countless ways, for example:
connectionProperties="oracle.net.encryption_client=(REQUIRED);oracle.net.encryption_types_client=(AES256);oracle.net.crypto_checksum_client=(REQUIRED);oracle.net.crypto_checksum_types_client=(SHA1)"
or
connectionProperties="oracle.net.encryption_client=REQUIRED"
connectionProperties="oracle.net.encryption_types_client=AES256"
connectionProperties="oracle.net.crypto_checksum_client=REQUIRED"
connectionProperties="oracle.net.crypto_checksum_types_client=SHA1"
(Which obviously doesn't work)
or
SQLNET.ENCRYPTION_CLIENT="REQUIRED"
SQLNET.CRYPTO_CHECKSUM_CLIENT="REQUIRED"
SQLNET.ENCRYPTION_TYPES_CLIENT="AES256"
etc.
...and nothing works. Does anybody know if you can set the client encryption parameters in context.xml? And if yes: how to do so?
The server is configured correctly and the encryption works when using option 1 or sqlplus client, but nothing gets encrypted by using context.xml, but also no errors are logged or anything, it just transfers unencrypted data.
I assume I miss something trivial, or just don't know the correct parameters for context.xml.
Try using the , as the separator as shown here. Check OracleConnection for the correct name of the connection property.
connectionProperties="{javax.net.ssl.trustStore=/home/myuser/cloud/truststore.jks,
javax.net.ssl.trustStoreType=JKS, javax.net.ssl.trustStorePassword=welcome1,
javax.net.ssl.keyStore=/home/myuser/cloud/keystore.jks, javax.net.ssl.keyStoreType=JKS,
javax.net.ssl.keyStorePassword=welcome1,
oracle.net.ssl_version=1.2, oracle.net.ssl_server_dn_match=true}"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.