
Oracle RDS with SSL

Amazon recently announced support for SSL connections with Oracle RDS. What better reason to try it out?

To use SSL with Oracle you’ll need:

  • Option Group with SSL enabled
  • VPC Security Group allowing port 2484
With that in mind, I’ve created a CloudFormation template to automate the build.

You can run the template via the CLI, assuming you have your environment set up.

Once the configuration is complete and the stack is created, we need to set up the Oracle client and wallet. First, we create a directory to store everything and download the RDS CA certificate file from https://s3.amazonaws.com/rds-downloads/rds-ca-2015-root.pem.

Create our wallet and add the cert with the following commands.

Finally, add the following parameters to $ORACLE_HOME/network/admin/sqlnet.ora

We are now ready to connect with SSL on port 2484.
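The client-side steps above as an added example, not the author's own listings: it builds the wallet with `orapki`, generates the sqlnet.ora and tnsnames.ora text, and audits both files before connecting. The wallet directory, alias, endpoint host and service name are placeholders supplied by the caller, and the parameter values are standard Oracle Net settings assumed here rather than taken from the post.

```shell
#!/bin/sh
# Added example, not the post's own commands. The wallet directory, endpoint
# host and service name passed in are placeholders chosen by the caller.

# Build an auto-login wallet that trusts the RDS root CA (needs Oracle's orapki).
make_wallet() {  # $1 = wallet directory, $2 = path to rds-ca-2015-root.pem
  orapki wallet create -wallet "$1" -auto_login_only &&
  orapki wallet add -wallet "$1" -trusted_cert -cert "$2" -auto_login_only
}

# sqlnet.ora parameters that point Oracle Net at the wallet (assumed values).
gen_sqlnet() {  # $1 = wallet directory
  cat <<EOF
WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = $1)))
SSL_CLIENT_AUTHENTICATION = FALSE
SSL_SERVER_DN_MATCH = ON
EOF
}

# tnsnames.ora entry using TCPS on the SSL listener port from the post.
gen_tns() {  # $1 = alias, $2 = RDS endpoint host, $3 = service name
  cat <<EOF
$1 = (DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCPS)(HOST = $2)(PORT = 2484))
  (CONNECT_DATA = (SERVICE_NAME = $3)))
EOF
}

# Print one line per problem found; exit status is non-zero if any.
audit_client() (  # $1 = sqlnet.ora, $2 = tnsnames.ora
  rc=0
  # Drop comment lines, strip whitespace and upper-case before matching.
  s=$(grep -v '^[[:space:]]*#' "$1" | tr -d ' \t' | tr '[:lower:]' '[:upper:]')
  t=$(grep -v '^[[:space:]]*#' "$2" | tr -d ' \t\n' | tr '[:lower:]' '[:upper:]')
  echo "$s" | grep -q '^WALLET_LOCATION=' ||
    { echo "sqlnet.ora: WALLET_LOCATION is not set"; rc=1; }
  echo "$s" | grep -Eq '^SSL_SERVER_DN_MATCH=(ON|YES|TRUE)$' ||
    { echo "sqlnet.ora: SSL_SERVER_DN_MATCH is not on"; rc=1; }
  case $t in *'(PROTOCOL=TCPS)'*) ;; *)
    echo "tnsnames.ora: descriptor does not use PROTOCOL=TCPS"; rc=1 ;; esac
  case $t in *'(PORT=2484)'*) ;; *)
    echo "tnsnames.ora: port is not 2484"; rc=1 ;; esac
  exit "$rc"
)
```

Run `make_wallet` once on a host with the Oracle client installed, append the `gen_sqlnet` output to sqlnet.ora, then run `audit_client` against the two files; a descriptor left on plain TCP or a disabled name check is reported before any connection is attempted.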
