murchu
asked on
How do I connect to multiple Oralce database servers using SSL from a single Oracle client
I work on an appliction which queries multiple databases for data and consolidates this data into a single database for reporting purposes. The application works by installing it on a server along with Oracle client and using TNS to establish a connection to each remote database server and then query the data. This has worked up to now. However the remote database servers have now been made secure and require SSL access. The servers use Oracle Wallet Manager to create certs. I have been able to establish a connection to a single Oracle database server by taking the following steps.
1. Create folder on local server named dbSafe
2. Copied the files eWallet.p12 & cwallet.sso from an Oracle server to the local server.
3. Modified the local sqlnet.ora file to include the following
SQLNET.AUTHENTICATION_SERV ICES= (NTS,TCPS)
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
SSL_VERSION = undetermined
SSL_CLIENT_AUTHENTICATION = TRUE
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = C:\Program Files\oracle\dbSafe)
)
)
However I need to be able to connect to multiple Oracle servers. I can't figure out how to achieve this as the sqlnet.ora only seems to allow only WALLET_LOCATION to be specified. Is there anyway to achieve this?
1. Create folder on local server named dbSafe
2. Copied the files eWallet.p12 & cwallet.sso from an Oracle server to the local server.
3. Modified the local sqlnet.ora file to include the following
SQLNET.AUTHENTICATION_SERV
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
SSL_VERSION = undetermined
SSL_CLIENT_AUTHENTICATION = TRUE
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = C:\Program Files\oracle\dbSafe)
)
)
However I need to be able to connect to multiple Oracle servers. I can't figure out how to achieve this as the sqlnet.ora only seems to allow only WALLET_LOCATION to be specified. Is there anyway to achieve this?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Apparently parameters can be configured dynamically by specifying a security subsection in the Oracle Net address. This allows wallet files from 2 different servers to be used by the same Oracle client.
The sample snippet from the tnsnames.ora is below,.
REMOTE_DB_1 =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCPS)(HOST = 127.0.0.1)(PORT = 1575))
)
(CONNECT_DATA =
(SERVICE_NAME = ABC)
)
(SECURITY = (MY_WALLET_DIRECTORY = c:\program files\oracle\dbSafe_Server
)
REMOTE_DB_2 =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCPS)(HOST = 127.0.0.1)(PORT = 1575))
)
(CONNECT_DATA =
(SERVICE_NAME = ABC)
)
(SECURITY = (MY_WALLET_DIRECTORY = c:\program files\oracle\dbSafe_Server
)