Re: sqlnet.ora Changes Causing Issues

From: pier paolo Bruno <pbrunoster_at_gmail.com>
Date: Thu, 20 Oct 2022 14:57:56 +0200
Message-ID: <CA+dM1yMMJFdh_4N1gHvxDjT196kmkC=nLWwETbDvMPfMTpAmEg_at_mail.gmail.com>

Not sure but from oracle doc : "
The server searches for a match between the algorithms available on both the client and the server, and picks the first algorithm in its own list that also appears in the client list. If one side of the connection does not specify an algorithm list, all the algorithms installed on that side are acceptable. The connection fails with error message ORA-12650 if either side specifies an algorithm that is not installed. "
Are you sure your oci_module for connecting in php to oracle has been built with the support for the algorithm you are asking ? If you make a test making the encryption required and not requested, does it work ?

Il giorno gio 20 ott 2022 alle ore 14:46 Scott Canaan <srcdco_at_rit.edu> ha scritto:

> We are in the process of tightening our security by changing the
> crypto_checksum_type from SHA1/MD5 to SHA512 and making that and encryption
> required in the sqlnet.ora. In one application, when we make this change
> on the database server, they get an ORA-12650 error, which states that
> there is no matching checksum between the client and server.
>
>
>
> On the app server (client), I can connect to the database via SQL*Plus, so
> the configuration works from a base install perspective. The vendor says
> that since we changed the environment, it’s our fault that their code no
> longer works. They sent me this piece of code:
>
>
>
> <?php
>
>
>
> return [
>
> 'oracle' => [
>
> 'driver' => 'oracle',
>
> 'tns' => '(DESCRIPTION = (ADDRESS_LIST =
> (ADDRESS = (PROTOCOL = TCP)(HOST = ' . env('ORCL_HOST') . ')(PORT = 1521)))
> (CONNECT_DATA = (SID = ' . env('ORCL_SERVICE_NAME') . ')))',
>
> // 'host' => env('ORCL_HOST', ''),
>
> // 'port' => env('ORCL_PORT', '1521'),
>
> 'database' => env('ORCL_DATABASE', ''),
>
> 'username' => env('ORCL_USERNAME', ''),
>
> 'password' => env('ORCL_PASSWORD', ''),
>
> 'charset' => env('ORCL_CHARSET', 'AL32UTF8'),
>
> 'prefix' => env('ORCL_PREFIX', ''),
>
> // 'service_name' => env('ORCL_SERVICE_NAME', ''),
>
> ],
>
> ];
>
>
>
> Is there anything that can be added to this to support using encryption
> and SHA512 for crypto_checkumming?
>
>
>
> *Scott Canaan ‘88*
>
> *Sr Database Administrator *Information & Technology Services
> Finance & Administration
>
>
> *Rochester Institute of Technology *o: (585) 475-7886 | f: (585) 475-7520
>
> *srcdco_at_rit.edu <srcdco_at_rit.edu>* | c: (585) 339-8659
>
> *CONFIDENTIALITY NOTE*: The information transmitted, including
> attachments, is intended only for the person(s) or entity to which it is
> addressed and may contain confidential and/or privileged material. Any
> review, retransmission, dissemination or other use of, or taking of any
> action in reliance upon this information by persons or entities other than
> the intended recipient is prohibited. If you received this in error, please
> contact the sender and destroy any copies of this information.
>
>
>

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Oct 20 2022 - 14:57:56 CEST

This message: [ Message body ]
Next message: Laurentiu Oprea: "Re: Need help in SQL tunning"
In reply to Scott Canaan: "sqlnet.ora Changes Causing Issues"
Next in thread: Jon Crisler: "Re: sqlnet.ora Changes Causing Issues"
Reply: Jon Crisler: "Re: sqlnet.ora Changes Causing Issues"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message