Enabling SSL
Configuring Secure Sockets Layer Authentication 7-21
To set the SSL version for the server:
1. Navigate to the SSL tab of the Oracle Advanced Security window in Oracle Net
Manager, and select Configure SSL for: Server.
2. In the Require SSL Version: list, the default is Any. Accept this default or select
the SSL version you want to use.
3. Choose File > Save Network Configuration.
If you chose Any, then the sqlnet.ora file is updated with the following
entry:
SSL_VERSION=UNDETERMINED
Step 5: Set SSL Client Authentication on the Server (Optional)
The SSL_CLIENT_AUTHENTICATION parameter in the sqlnet.ora file controls
whether the client is authenticated using SSL. The default value is TRUE.
You must set this parameter to FALSE if you are using a cipher suite that contains
Diffie-Hellman anonymous authentication (DH_anon). Also, you can set this
parameter to FALSE for the client to authenticate itself to the server by using any of
the non-SSL authentication methods supported by Oracle Advanced Security, such
as Kerberos or RADIUS.
To set SSL_CLIENT_AUTHENTICATION to FALSE on the server:
1. Navigate to the SSL tab of the Oracle Advanced Security window in Oracle Net
Manager, and select Configure SSL for: Server. The Oracle Advanced Security
SSL window for server configuration appears (Figure 7–4).
Note: SSL 2.0 is not supported on the server side.
To Next Page
Loading...