tcps connection failure

From: Chen Zhou <oracle.unknowns_at_gmail.com>
Date: Wed, 2 Dec 2015 15:54:26 -0800
Message-ID: <CAJUY3dQJnps6N1371h_CiDDwzCgcDKL48DFFXFQnYinCm5tAdg_at_mail.gmail.com>

Hi,
I can't seem to establish tcps connection from my (Windows 7) laptop to a database on linux server.
I have configured the wallet on my client (11.2.0.1) with certificate on my laptop. sqlnet.ora included the wallet info and tnsnames.ora file has the DN of the server certificate.
However, when I used Toad (v12.6.0.53), it failed with "ORA-28865: SSL connection closed".

Client side trace file showed the wallet was opened, then ssl handshake succeeded with the entry "ntzdosecneg: SSL handshake done", then "ntznzosread: encountered "wouldblock" error", and "ntt2err: Read unexpected EOF ERROR on 2012".

Here is the content of client sqlnet.ora file,

SQLNET.AUTHENTICATION_SERVICES= (BEQ, TCPS) SSL_VERSION = 1.0 TRACE_LEVEL_CLIENT = SUPPORT SSL_CLIENT_AUTHENTICATION = FALSE TRACE_LEVEL_SERVER = SUPPORT LOG_FILE_CLIENT = oracle_client.log

WALLET_LOCATION =
  (SOURCE =
(METHOD = FILE)
(METHOD_DATA =

      (DIRECTORY = D:\app\product\11.2.0\client_2\BIN\owm\wallets\wallet1)     )
  )

LOG_DIRECTORY_CLIENT = D:\tmp\log

DIAG_ADR_ENABLED = OFF SQLNET.INBOUND_CONNECT_TIMEOUT = 1000 On the client side, the tnsnames.ora file has this entry:

db1 =
  (DESCRIPTION =
(ADDRESS_LIST =

      (ADDRESS = (PROTOCOL = TCPS)(HOST = server1.domain)(PORT = 2484))     )
(CONNECT_DATA =

      (SERVICE_NAME = db1.domain)
    )
(SECURITY=

     (SSL_SERVER_CERT_DN="CN=server1.domain,OU=Development,O=Company Name,L=CityX,ST=XX,C=US"))
  )

On the server side, the listener.log showed a successful connection:

02-DEC-2015 17:32:29 *
(CONNECT_DATA=(SERVICE_NAME=db1.domain)(CID=(PROGRAM=D:\Dell\Toad?for?Oracle?12.6\Toad.exe)(HOST=HS00123)(USER=username))) * (ADDRESS=(PROTOCOL=tcps)(HOST=XX.XX.XX.XX)(PORT=54073)) * establish * db1.domain * 0

Any idea what is not working here? Why ssl connection was closed? I don't have to use Toad, but prefer to make it work.

Thank you,
Chen

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Dec 03 2015 - 00:54:26 CET

This message: [ Message body ]
Next message: David Barbour: "Re: Checkpoints - Recoverablity"
Previous message: Stefan Koehler: "RE: cursors"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message