Native encryption does not seem to be working
OS: RH7
DB 12.2.0.1
sqlnet has the below settings
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
ADR_BASE = /u01/app/oracle
SQLNET.EXPIRE_TIME=3
SQLNET.INBOUND_CONNECT_TIMEOUT=300
SSL_VERSION=1.2
SSL_CLIENT_AUTHENTICATION = TRUE
#CIPHER_SUITES
SSL_CIPHER_SUITES = (SSL_RSA_WITH_AES_256_CBC_SHA256,SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,SSL_RSA_WITH_AES_128_GCM_SHA256,SSL_RSA_WITH_AES_256_GCM_SHA384)
SQLNET.ALLOWED_LOGON_VERSION_SERVER = 11
SQLNET.ALLOWED_LOGON_VERSION_CLIENT = 11
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT= (SHA384)
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER= (SHA384)
SQLNET.CRYPTO_CHECKSUM_CLIENT = REQUIRED
SQLNET.CRYPTO_CHECKSUM_SERVER = REQUIRED
SQLNET.ENCRYPTION_TYPES_CLIENT= (AES256)
SQLNET.ENCRYPTION_TYPES_SERVER= (AES256)
SQLNET.ENCRYPTION_CLIENT = REQUIRED
SQLNET.ENCRYPTION_SERVER = REQUIRED
---listener
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(ORACLE_HOME = /u01/app/oracle/product/12.2.0/database)
(SID_NAME = orcl)
(ENVS="TNS_ADMIN=/u01/app/oracle/product/12.2.0/database/network/admin_non_ssl")
)
)
Client Trace
(24244) [21-APR-2020 13:14:13:914] naeecom: Encryption inactive(24244) [21-APR-2020 13:14:13:914] naeecom: exit
(24244) [21-APR-2020 13:14:13:914] naeccom: entry
(24244) [21-APR-2020 13:14:13:917] naeccom: The server chose the 'SHA384' crypto-checksumming algorithm
(24244) [21-APR-2020 13:14:13:917] naeccom: exit
(24244) [21-APR-2020 13:14:13:917] na_tns: entry
(24244) [21-APR-2020 13:14:13:917] na_tns: Secure Network Services is available.
(24244) [21-APR-2020 13:14:13:917] nau_adi: entry
(24244) [21-APR-2020 13:14:13:917] nau_adi: exit
(24244) [21-APR-2020 13:14:13:917] na_tns: Authentication is not active
(24244) [21-APR-2020 13:14:13:918] na_tns: Encryption is not active
(24244) [21-APR-2020 13:14:13:918] na_tns: Crypto-checksumming is active, using SHA384
I am not sure why it is not encrypting the communications
Thanks
Dave