Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

How to enable WLP SSL connection with Oracle database

Questions
Tags
Users
Badges
Tojan John
(1172882) Mar 08 '18, 6:46 a.m.

 We have CLM 6.0.3 environment with bundled Liberty profile. Our requirement is to have SSL connection between the application and Oracle database.


In this case, what shall be the database connection string format? 
What all settings to be done in Websphere Liberty profile?

Any help to achieve SSL Connection between CLM application and Oracle database is appreciated.

0 votes

2 answers
3,212 views
0 votes

Accepted answer

Permanent link
Susan Wu
(4712116) Jun 25 '21, 6:03 p.m.

There is way to establish secure db connection with Oracle.  The detailed steps can found in Missing documentation on how to establish secure Oracle DB connection with ELM (537626)

Ralph Schoon selected this answer as the correct answer

0 votes

Comments
Ian Barnard
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Mar 21 '23, 5:07 a.m.

This is now documented https://www.ibm.com/docs/en/elm/7.0.2?topic=server-establishing-secure-oracle-database-connection-liberty 

One other answer

Permanent link
Donald Nong
(14.5k614) Mar 08 '18, 10:00 p.m.

This old post gives a pretty good example, for WebSphere Application Server that is.
https://jazz.net/forum/questions/214634/how-can-i-use-a-secure-oracle-port-for-my-clm-repositories

For the equivalent in WLP, notice the first sentence in the answer - you can pass the necessary configuration parameters through the JVM using Java parameters. If you open the server.startup script, you will see many lines containing "JAVA_OPTS", and that's where you add the Java parameters.

Note that with the "javax.net.ssl.trustStore" parameter, the JVM uses a non-default truststore, and you may need to re-import certificates from other servers if you did cross-server SSL certificate import before.

1 vote

Comments
Tojan John
Mar 09 '18, 5:33 a.m.

 Hi Donald,

Even after following the steps in the link, getting err msg. Connection fails with tcps and with port 2482. Connection works with tcp and port 1521

Below properties are added in JTS server.startup file

JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/opt/truststore/clienttrststre.jks"
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStoreType=JKS"
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStorePassword=xx"
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStore=/opt/keystre/clit.jks"
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStoreType=JKS"

JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStorePassword=xx"

Error on database test connection while running JTS setup 
Caused by: oracle.net.ns.NetException: The Network Adapter could not establish the connection
Caused by: oracle.net.ns.NetException: The ssl protocol specified is not supported
Caused by: java.lang.IllegalArgumentException: SSLv2Hello is not a recognized protocol

Donald Nong
Mar 12 '18, 1:56 a.m.

It appears that you have the exact same error as the other user did.
https://jazz.net/forum/questions/250527/sslv2hello-is-not-a-recognized-protocol

Check my answer there, and you may have to take it up to Oracle Support if the Tech Doc cannot resolve your issue.

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 7,497
× 2,357

Question asked: Mar 08 '18, 6:46 a.m.

Question was seen: 3,212 times

Last updated: Mar 21 '23, 5:07 a.m.

Confirmation Cancel Confirm