How to configure Oracle Network Encryption

1. Enable tracing by adding the following entries to the sqlnet.ora file on the client machine.

TRACE_LEVEL_CLIENT = SUPPORT
TRACE_UNIQUE_CLIENT = on
TRACE_LEVEL_SERVER = SUPPORT
TRACE_DIRECTORY_CLIENT = C:\trace
TRACE_FILE_CLIENT = client
TRACE_DIRECTORY_SERVER = C:\trace
TRACE_FILE_SERVER = server
DIAG_ADR_ENABLED = OFF

2. Create a sample table for encryption testing.

CREATE TABLE tde_test (
  id    NUMBER(10),
  data  VARCHAR2(50) ENCRYPT
)
TABLESPACE DATA_TBS;

INSERT INTO tde_test (id, data) VALUES (4, 'encryption test !');
COMMIT;

3. Check the trace file in C:\trace. The output looks like the following.




4. Add the parameters below to the sqlnet.ora file on both the database server and the application client.

Server:

SQLNET.ENCRYPTION_SERVER = accepted
SQLNET.ENCRYPTION_TYPES_SERVER= (AES256)
SQLNET.CRYPTO_SEED = 'abcdefghijklmnopqrstuv'
SQLNET.CRYPTO_CHECKSUM_SERVER = accepted
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER=(sha1)

Client:

SQLNET.ENCRYPTION_CLIENT = requested
SQLNET.ENCRYPTION_TYPES_CLIENT = (AES256)
SQLNET.CRYPTO_SEED = 'abcdefghijklmnop'
SQLNET.CRYPTO_CHECKSUM_CLIENT = requested
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT = (sha1)


5. Close the previously connected application session, open a new application session, and run the insert command below to verify whether encryption is working.

INSERT INTO tde_test (id, data) VALUES (5, 'encryption test 2 !');
commit;

6. Check the trace file in C:\trace. The output looks like the following.




References : Doc ID 76629.1
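
The levels set in step 4 (accepted on the server, requested on the client) are negotiated per connection rather than enforced. The following added example (not from the original post or from Oracle) applies Oracle Net's documented negotiation rules to constructed copies of the step 4 settings; parse_sqlnet, negotiate, STRICT and UNCONFIGURED are hypothetical names introduced for illustration.

```python
import re

def parse_sqlnet(text):
    """Parse KEY = value and KEY = (a, b) lines of a sqlnet.ora into a dict."""
    params = {}
    for line in text.splitlines():
        m = re.match(r"\s*([\w.]+)\s*=\s*(.+?)\s*$", line.split("#", 1)[0])
        if not m:
            continue
        key, val = m.group(1).upper(), m.group(2)
        if val.startswith("("):  # parenthesised algorithm list
            val = [v.strip().upper() for v in val.strip("()").split(",") if v.strip()]
        params[key] = val
    return params

def negotiate(client, server, service="ENCRYPTION"):
    """ENCRYPTION or CRYPTO_CHECKSUM outcome: ('ON', alg), ('OFF', None), ('FAIL', None)."""
    # An unset level defaults to ACCEPTED on either side.
    levels = {client.get(f"SQLNET.{service}_CLIENT", "ACCEPTED").upper(),
              server.get(f"SQLNET.{service}_SERVER", "ACCEPTED").upper()}
    fallback = ("FAIL" if "REQUIRED" in levels else "OFF", None)
    if "REJECTED" in levels or not levels & {"REQUESTED", "REQUIRED"}:
        return fallback  # one side refuses, or neither side asks for the service
    c = client.get(f"SQLNET.{service}_TYPES_CLIENT")
    s = server.get(f"SQLNET.{service}_TYPES_SERVER")
    # An unset list means "all installed algorithms", so the other side's list decides
    # (assumption here: at least one side lists its algorithms explicitly).
    common = [a for a in (s or c or []) if a in (c or s or [])]
    # The server picks the first entry of its own list that the client also offers.
    return ("ON", common[0]) if common else fallback

# Constructed inputs: the step 4 settings, plus a server that sets REQUIRED instead.
SERVER = parse_sqlnet("""SQLNET.ENCRYPTION_SERVER = accepted
SQLNET.ENCRYPTION_TYPES_SERVER= (AES256)
SQLNET.CRYPTO_CHECKSUM_SERVER = accepted
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER=(sha1)""")
CLIENT = parse_sqlnet("""SQLNET.ENCRYPTION_CLIENT = requested
SQLNET.ENCRYPTION_TYPES_CLIENT = (AES256)
SQLNET.CRYPTO_CHECKSUM_CLIENT = requested
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT = (sha1)""")
STRICT = {**SERVER, "SQLNET.ENCRYPTION_SERVER": "REQUIRED"}
UNCONFIGURED = {}  # a client whose sqlnet.ora has none of these parameters

if __name__ == "__main__":
    for name, cl, sv in [("step 4 pair", CLIENT, SERVER),
                         ("unconfigured client, step 4 server", UNCONFIGURED, SERVER),
                         ("unconfigured client, REQUIRED server", UNCONFIGURED, STRICT)]:
        print(name, negotiate(cl, sv), negotiate(cl, sv, "CRYPTO_CHECKSUM"))
```

With the step 4 server settings, a client that sets none of these parameters still connects, with encryption and checksumming off. Setting the server level to REQUIRED is what turns that case into an encrypted session or a refused connection.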
