SQLNet.ora File Question

Good Morning Everyone -

I have an issue that I am not smart enough to troubleshoot (and I haven't caught the right IT Help Desk person either) and I am hoping someone can assist.

I have about 6 databases that I connect to in TOAD. What I have found out is that in order to get one of the databases to work I have to swap out my sqlnet.ora file in order to connect, but when I do that I cannot log into my other 5 databases.

Side-note: I don't have Admin rights, so every time I have to change out my sqlnet.ora I have to call the help desk. I would rather have one file that will work for everything, if possible.

I was hoping that someone can look at the lines of each sqlnet.ora file to help me figure out what might be causing the issue?

I believe it has something to do with the very top few lines.

I can use this to connect to 5 databases with no issue, and only 1 fails:
SQLNET.AUTHENTICATION_SERVICES= (TCPS)
SSL_VERSION = 1.1
SSL_SERVER_DN_MATCH = NO
SSL_CLIENT_AUTHENTICATION = TRUE
WALLET_LOCATION = (SOURCE = (METHOD = MCS))

I can use this to connect to that 1 database that fails above, but it kills the connection to the other 5 databases:
NAMES.DIRECTORY_PATH=(TNSNAMES)
SQLNET.AUTHENTICATION_SERVICES=(BEQ,TCPS)
SSL_CLIENT_AUTHENTICATION=TRUE
SSL_VERSION=1.2
WALLET_LOCATION=(SOURCE=(METHOD=MCS))

Any help would be greatly appreciated!
Thank you!
Damien
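
Added example, not part of the original thread: a Python sketch that parses the two sqlnet.ora variants quoted in the question and lists the parameters that differ, so the comparison covers every line rather than only the top few. The function names are hypothetical, and the parser assumes `#` comments and continuation lines that are indented or inside unbalanced parentheses.

```python
import re

# Constructed inputs: the two sqlnet.ora variants quoted in the question.
FILE_A = """\
SQLNET.AUTHENTICATION_SERVICES= (TCPS)
SSL_VERSION = 1.1
SSL_SERVER_DN_MATCH = NO
SSL_CLIENT_AUTHENTICATION = TRUE
WALLET_LOCATION = (SOURCE = (METHOD = MCS))
"""
FILE_B = """\
NAMES.DIRECTORY_PATH=(TNSNAMES)
SQLNET.AUTHENTICATION_SERVICES=(BEQ,TCPS)
SSL_CLIENT_AUTHENTICATION=TRUE
SSL_VERSION=1.2
WALLET_LOCATION=(SOURCE=(METHOD=MCS))
"""

def _normalize(value):
    # Whitespace is not significant; case is kept because paths may be case-sensitive.
    return re.sub(r"\s+", "", value)

def parse_sqlnet(text):
    """Return {PARAMETER_NAME: value} with names upper-cased."""
    params, name, value = {}, None, ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0]              # drop comments
        if not line.strip():
            continue
        unbalanced = value.count("(") > value.count(")")
        if name is not None and (unbalanced or line[0].isspace()):
            value += line                        # continuation of the previous parameter
            continue
        if name is not None:
            params[name] = _normalize(value)
        key, _, value = line.partition("=")      # split at the first '=' only
        name = key.strip().upper()
    if name is not None:
        params[name] = _normalize(value)
    return params

def diff_params(a, b):
    """Return {name: (value_in_a, value_in_b)} for differing parameters; None means absent."""
    return {k: (a.get(k), b.get(k))
            for k in sorted(set(a) | set(b)) if a.get(k) != b.get(k)}

if __name__ == "__main__":
    for name, (va, vb) in diff_params(parse_sqlnet(FILE_A), parse_sqlnet(FILE_B)).items():
        print(f"{name}: file A = {va!r}, file B = {vb!r}")
```

Besides SSL_VERSION, the output shows that the authentication services differ and that SSL_SERVER_DN_MATCH and NAMES.DIRECTORY_PATH each appear in only one file, so a merged file needs a decision on all four.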

SSL_VERSION=1.1 or 1.2

Cheers,
Russ

So, do I basically need to choose one or the other based on the databases I want to access or continually call the Help Desk if I want to switch out my sqlnet.ora?

You can put SSL_VERSION in TNSNAMES.ora. I think that would override what's in SQLNet.ora. Does that solve your problem?

Actually, "SSL_VERSION=1.1 or 1.2" is the setting. That is how to specify both together.

Cheers,
Russ

Thank you sir! I have modified my file and I put in a ticket to have my Help Desk copy it and I will let you know if that solves the issue. I appreciate your help!

Well, unfortunately that didn't fix the issue either. I am back to the drawing board. I modified the setting as you illustrated above and it actually wouldn't allow me to connect to any databases after that.

The real issue is that I have 2 different sqlnet.ora files and one of them will allow me to connect to 5 out of 6 databases, but when I switch it to the other sqlnet.ora file it allows me to connect to the 6th database, but it won't let me connect to any of the other 5. So there is something in the 2 files that I don't know how to correct in order to be able to use all 6 databases.

I would try this:

  1. Use the SQLNet.ora that allows you to connect to 5 of the 6 databases.
  2. For the 6th database, override the parameters in the tnsnames entry. See the link in my prior post to see how to do that. SSL_VERSION is in the SECURITY section of a TNSNAMES entry. SQLNET.AUTHENTICATION_SERVICES is just called AUTHENTICATION_SERVICE in a TNSNAMES entry (and is also in the security section).

Maybe something like this:

net_service_name=
    (DESCRIPTION=
        (ADDRESS=(PROTOCOL=tcps)(HOST=sales-svr)(PORT=1521))
        (SECURITY=(AUTHENTICATION_SERVICE=(BEQ,TCPS)) 
                  (SSL_VERSION=1.2))
        (CONNECT_DATA=(SERVICE_NAME=sales.us.example.com))
    )

Okay, I think this is definitely worth a shot. I appreciate you sending me another idea.

Just in case anyone is curious, I was finally able to get my problem resolved.

They granted me access to the folder I needed so I could experiment with the tnsnames.ora and the sqlnet.ora files as much as I needed. I found out that I could access different databases as I switched from "SSL_VERSION = 1.1" to "SSL_VERSION = 1.2", but when I tried the suggestion above to have it read "SSL_VERSION=1.1 or 1.2" that didn't work for me.

The solution in the long run was to change the sqlnet.ora file and have the "SSL_VERSION = undetermined".

Instead of specifying 1.1 or 1.2, it will cause it to try the latest version.

Just in case anyone else has the same issue.

Thanks for all your help in pointing me in the right direction!
Damien

I wonder, then, whether "SSL_VERSION=1.0 or 1.1 or 1.2" would work.

Cheers,
Russ