Configuring Oracle Primary Database for SSL Connection

Configure Oracle to accept SSL connections from Replication Agent.

  1. Configure listener.ora to use TCPS protocol.
    LISTENER = (ADDRESS_LIST= (ADDRESS=(PROTOCOL=tcps)(HOST=servername)(PORT=2484)))
  2. Create an Oracle wallet and configure a certificate and its associated private key into the wallet.
    See the Oracle documentations for details.
  3. Provide the wallet location in sqlnet.ora and listener.ora.
    WALLET_LOCATION=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/server/wallet/path/)))
  4. Configure SSL_CLIENT_AUTHENTICATION in sqlnet.ora and listener.ora to turn on or off the client authentication.
    SSL_CLIENT_AUTHENTICATION=FALSE or SSL_CLIENT_AUTHENTICATION=TRUE
  5. If you turn on the client authentication, add the CA root certificate of the Replication Agent certificate to the Oracle wallet.
Parent topic: Configuring SSL from a Replication Agent to Oracle