Manualshelf

User's Manual

ManualsBrandsOracle ManualsNetwork RouterOracle Database B10772-01
181182183184185186187188189190
Enabling SSL
7-18 Oracle Database Advanced Security Administrator's Guide
Prioritize cipher suites starting with the strongest and moving to the weakest to
ensure the highest level of security possible.
Table 7–1 lists the SSL cipher suites supported in the current release of Oracle
Advanced Security. These cipher suites are set by default when you install Oracle
Advanced Security. This table also lists the authentication, encryption, and data
integrity types each cipher suite uses.
Note: If you set a cipher suite employing Diffie-Hellman
anonymous authentication on the server, then you must also set the
same cipher suite on the client. Otherwise, the connection fails.
If you use a cipher suite employing Diffie-Hellman anonymous,
then you must set the SSL_CLIENT_AUTHENTICATION parameter
to FALSE. See: "Step 5: Set SSL Client Authentication on the Server
(Optional)" on page 7-21.
Table 7–1 Oracle Advanced Security Cipher Suites
Cipher Suites Authentication Encryption Data Integrity
SSL_RSA_WITH_3DES_EDE_CBC_SHA RSA 3DES EDE CBC SHA-1
SSL_RSA_WITH_RC4_128_SHA RSA RC4 128 SHA-1
SSL_RSA_WITH_RC4_128_MD5 RSA RC4 128 MD5
SSL_RSA_WITH_DES_CBC_SHA RSA DES CBC SHA-1
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA DH anon 3DES EDE CBC SHA-1
SSL_DH_anon_WITH_RC4_128_MD5 DH anon RC4 128 MD5
SSL_DH_anon_WITH_DES_CBC_SHA DH anon DES CBC SHA-1
SSL_RSA_EXPORT_WITH_RC4_40_MD5 RSA RC4 40 MD5
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA RSA DES40 CBC SHA-1
SSL_RSA_WITH_AES_128_CBC_SHA
1
1
AES ciphers work with Transport Layer Security (TLS 1.0) only
RSA AES 128 CBC SHA-1
SSL_RSA_WITH_AES_256_CBC_SHA
1
RSA AES 256 CBC SHA-1