APPENDIX A. Encryption and Checksum Parameters
This appendix shows an example of the SQLNET.ORA file generated after you perform the network configuration described in "Configuring Servers and Clients to Use Encryption and Checksumming" in Chapter 2 of this guide.
Sample SQLNET.ORA Configuration Files for Clients and Servers
Shown in this section are SQLNET.ORA configuration files for a set of clients with similar characteristics and a set of servers with similar characteristics, with examples of the Advanced Networking Option encryption and checksumming parameters.
SQLNET.ORA for a Set of Clients and Servers in a Single Community
################
# Filename......: sqlnet.ora
# Name..........: TCPCOM.world
# Date..........: 12-DEC-95 13:12:17
################
AUTOMATIC_IPC = ON
TRACE_LEVEL_CLIENT = OFF
SQLNET.EXPIRE_TIME = 0
NAMES.DEFAULT_DOMAIN = world
NAME.DEFAULT_ZONE = world
SQLNET.CRYPTO_SEED = "-kdje83KKEP39487dvmlqEPTbxXe702M73"
SQLNET.ENCRYPTION_CLIENT = REQUESTED
SQLNET.ENCRYPTION_TYPES_CLIENT = (RC4_40,DES40)
SQLNET.CRYPTO_CHECKSUM_CLIENT = REQUESTED
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT = (MD5)
SQLNET.CRYPTO_CHECKSUM_CLIENT = REQUESTED
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT = (MD5)
SQLNET.ENCRYPTION_TYPES_SERVER = (RC4_40,DES40)
SQLNET.CRYPTO_CHECKSUM_SERVER = REQUESTED
NAMES.DIRECTORY_PATH = (TNSNAMES,ONAMES)
SQLNET.AUTHENTICATION_SERVICES = (SECURID)
Note the following:
- If you do not specify any values on the Server Encryption, Client Encryption, Server Checksum, or Client Checksum pages in Network Manager, the corresponding configuration parameters will not appear in the SQLNET.ORA file. However,the Advanced Networking Option defaults the value to ACCEPTED.
- If no encryption or checksumming algorithm is specified on the Server Encryption, Client Encryption, Server Checksum, or Client Checksum pages in Network Manager, the server side of the connection uses the first algorithm in its own list of installed algorithms that also appears in the client's list of installed algorithms.
- Encryption and checksumming function independently of each other; encryption can be activated while checksumming is off, and vice versa.