SSL and TLS in an Oracle Environment
7-4 Oracle Database Advanced Security Administrator's Guide
How SSL Works in an Oracle Environment: The SSL Handshake
When a network connection over SSL is initiated, the client and server perform an
SSL handshake that includes the following steps:
■ The client and server establish which cipher suites to use. This includes which
encryption algorithms are used for data transfers.
■ The server sends its certificate to the client, and the client verifies that the
server's certificate was signed by a trusted CA. This step verifies the identity of
the server.
■ Similarly, if client authentication is required, the client sends its own certificate
to the server, and the server verifies that the client's certificate was signed by a
trusted CA.
■ The client and server exchange key information using public key cryptography.
Based on this information, each generates a session key. All subsequent
communications between the client and the server are encrypted and decrypted
by using this set of session keys and the negotiated cipher suite.
The authentication process consists of the following steps:
1. On a client, the user initiates an Oracle Net connection to the server by using
SSL.
2. SSL performs the handshake between the client and the server.
3. If the handshake is successful, the server verifies that the user has the
appropriate authorization to access the database.
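How the handshake steps and the Oracle Net connection described above map onto Oracle Net configuration files, as an added example that is not part of the original guide. The parameter names are standard Oracle Net parameters; the wallet paths, host, service name, certificate DN and the chosen cipher suite are constructed placeholders, and the suites actually available depend on your release.

```conf
# ===== Server: sqlnet.ora (constructed example) =====
# Wallet holding the server certificate, its private key, and the trusted CA
# certificates used to check client certificates. The listener needs the same
# WALLET_LOCATION in listener.ora plus a TCPS listening address.
WALLET_LOCATION =
  (SOURCE =
    (METHOD = FILE)
    (METHOD_DATA =
      (DIRECTORY = /u01/app/oracle/wallets/server)))

# Handshake step 1: cipher suites the server will negotiate.
# Example suite name only; list the ones your release supports.
SSL_CIPHER_SUITES = (SSL_RSA_WITH_AES_256_CBC_SHA)

# Handshake step 3: TRUE makes the server request a client certificate and
# verify it against the trusted CAs in its wallet. FALSE authenticates only
# the server, and the user is then identified by other means.
SSL_CLIENT_AUTHENTICATION = TRUE

# ===== Client: sqlnet.ora (constructed example) =====
# Wallet holding the trusted CA certificates (handshake step 2) and, when
# client authentication is required, the client's own certificate and key.
WALLET_LOCATION =
  (SOURCE =
    (METHOD = FILE)
    (METHOD_DATA =
      (DIRECTORY = /home/appuser/wallets/client)))

# Must share at least one suite with the server or the handshake fails.
SSL_CIPHER_SUITES = (SSL_RSA_WITH_AES_256_CBC_SHA)
SSL_CLIENT_AUTHENTICATION = TRUE

# Goes beyond the CA-signature check in step 2: also require the server
# certificate's DN to match what the client expects. Without this, any
# certificate issued by a trusted CA is accepted for any server.
SSL_SERVER_DN_MATCH = yes

# ===== Client: tnsnames.ora (constructed example) =====
# PROTOCOL = TCPS is what makes the Oracle Net connection use SSL.
# SSL_SERVER_CERT_DN is the DN that SSL_SERVER_DN_MATCH compares against.
sales_ssl =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCPS)(HOST = db.example.com)(PORT = 2484))
    (CONNECT_DATA = (SERVICE_NAME = sales.example.com))
    (SECURITY = (SSL_SERVER_CERT_DN = "cn=db.example.com,o=Example,c=US")))
```

A successful handshake with these settings only establishes identity and an encrypted channel; the database still applies its own authorization check to the user, as in step 3 of the authentication process.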