TLS Support for Oracle Database

To use a TLS-based connection for the Oracle Database application, perform the following configuration on IdentityIQ:

  • Import the Oracle server certificates into the Java keystore on IdentityIQ using the following command:

    keytool -import -alias <alias_name> -file <certificate.crt> -keystore <keystore_used_IdentityIQ>

  • Provide the PROTOCOL, HOST, PORT, and SERVICE_NAME parameters in the Oracle Database application URL in the following format:

    jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=<host_name>)(PORT=<port number>))(CONNECT_DATA=(SERVER = DEDICATED)(SERVICE_NAME = <service_name>)))

    For example:

    jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=WIN-0PR71D80V83)(PORT=2500))(CONNECT_DATA=(SERVER = DEDICATED)(SERVICE_NAME = orcx)))

  • By default, IdentityIQ uses the ojdbc6.jar file for connecting to the Oracle database, which only supports TLS version 1.0. To use TLS version 1.2, replace the ojdbc6.jar file with the ojdbc8.jar file in the WEB-INF/lib directory.

    Note
    For cipher suite support, refer to https://docs.oracle.com/database/121/DBSEG/asossl.htm#DBSEG09361.
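
The steps above can be checked from a shell before the application is tested in IdentityIQ. The script below is an added example, not part of the original documentation: it confirms the imported alias is in the keystore, that the application URL really uses tcps and carries the required parameters, and that the listener completes a TLS 1.2 handshake. The function names are hypothetical, and it assumes keytool and openssl are on the PATH.

```shell
#!/bin/sh
# Added example (constructed): pre-flight checks for the TLS setup steps.
# Function names are hypothetical; assumes keytool and openssl are on PATH.

# Print KEY's value from a connect descriptor; empty if KEY is absent.
# Tolerates spaces around "=", as in "(SERVICE_NAME = orcx)".
descriptor_field() {
    printf '%s\n' "$1" | sed -n "s/.*($2 *= *\([^()]*\)).*/\1/p" | sed 's/ *$//'
}

# Succeed only if the URL is a thin-driver descriptor that uses tcps and
# carries HOST, PORT and SERVICE_NAME; otherwise name the problem on stderr.
check_url() {
    case "$1" in
        "jdbc:oracle:thin:@(DESCRIPTION="*) ;;
        *) echo "not a thin-driver connect descriptor" >&2; return 1 ;;
    esac
    proto=$(descriptor_field "$1" PROTOCOL | tr '[:upper:]' '[:lower:]')
    if [ "$proto" != "tcps" ]; then
        echo "PROTOCOL is '$proto', expected tcps" >&2; return 1
    fi
    for key in HOST PORT SERVICE_NAME; do
        if [ -z "$(descriptor_field "$1" "$key")" ]; then
            echo "missing $key" >&2; return 1
        fi
    done
    return 0
}

# Show the entry stored under the alias used with "keytool -import".
# keytool prompts for the keystore password and fails if the alias is absent.
check_alias() {
    keytool -list -alias "$1" -keystore "$2"
}

# Attempt a TLS 1.2 handshake with the HOST and PORT from the descriptor;
# the negotiated protocol and cipher appear in the openssl output.
check_tls12() {
    host=$(descriptor_field "$1" HOST)
    port=$(descriptor_field "$1" PORT)
    openssl s_client -connect "${host}:${port}" -tls1_2 </dev/null
}

# Run all checks when called as: <script> <alias_name> <keystore> '<jdbc_url>'
if [ "$#" -eq 3 ]; then
    check_alias "$1" "$2" && check_url "$3" && check_tls12 "$3"
fi
```

Quote the URL argument in single quotes so the shell does not interpret its parentheses.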