Environment
SSPR 3.3.1
SSPR configured to store C/R data in remote database
Oracle 12c database
Oracle JDBC Thin Client (ojdbc7.jar)
JDK 1.8.0_65
Situation
Handshake error when using Oracle TCPS protocol
No problem connecting with TCP
Connecting to DB without SSL works fine
Customer has a requirement to secure the JDBC connection to Oracle
Resolution
Do both of the following:
1. Export the self-signed certificate from the server's Oracle Wallet and import into the JDK's cacerts trust store on the SSPR server.
2. Using SSPR Config Editor, edit the "Database Connection String" in Settings, Database (Remote) to use the SID and SERVER parameters instead of SERVICENAME in the CONNECT_DATA JDBC connection parameters. Working syntax:
jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCPS)(HOST=dbhost.acme.com)(PORT=2484)))(CONNECT_DATA=(SID=DBA01)(SERVER=DEDICATED)))
Additional Information
Note that this is really an Oracle issue, not an SSPR issue. SSPR only connects to
the database via internal JDBC protocol to the vendor provided JDBC driver.
What happens between the JDBC driver and database is invisible to
SSPR.
As noted in the help text for "Database Connection String" in SSPR Config Editor, the connection strings need to be provided by the database vendor.