| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Securing isqlplus
Daniel Morgan <damorgan_at_exxesolutions.com> wrote in
news:3EC542AC.845A600C_at_exxesolutions.com:
> Chuck wrote:
>
>> Daniel Morgan <damorgan_at_exxesolutions.com> wrote in >> news:3EC50C81.30395890_at_exxesolutions.com: >> >> > Chuck wrote: >> > >> >> I'm looking to encrypt network traffic to/from my isqlplus web >> >> server. I don't want to go through the hassle of getting a >> >> certificate from a CA. I just want to encrypt the session similar >> >> to ssh mainly so that passwords are not transmitted in plain text. >> >> >> >> Can anyone tell me how do to this or point me to the documentation >> >> for it? >> >> >> >> Thanks. >> > >> > What makes you think iSQL*Plus sends unencrypted passwords >> > anywhere? -- >> > Daniel Morgan >> > http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp >> > damorgan_at_x.washington.edu >> > (replace 'x' with a 'u' to reply) >> > >> > >> >> From the isqlplus help file at : >> >> http://download-west.oracle.com/docs/cd/B10501_ >> 01/server.920/a90842/ch10.htm#1006169 >> >> "In iSQL*Plus, security for the connection between the web browser >> and the Oracle HTTP Server is provided by standard HTTPS, which is >> fully supported by Oracle. It enables secure listener connections >> with an Oracle-provided encryption mechanism via the Secure Sockets >> Layer (SSL). It can be implemented when installing the Oracle HTTP >> Server by installing the mod_ssl module. For detailed information >> about implementing HTTPS security in Oracle, see the Oracle Advanced >> Security Administrator's Guide." >> >> If I'm reading this right, you need to configure https to get any >> encryption between the browser and the http server.
Thanks. Does this hold true for standard sqlplus connections to? Received on Fri May 16 2003 - 15:37:27 CDT
 |
 |