我可以使用远程数据库服务器配置SSL吗？ [英] Can I configure ssl with an remote database server

问题描述

我想知道是否可以在我的应用程序和远程数据库服务器之间配置ssl。

I would like to know if I could configure ssl between my application and a remote database server.

weblogic服务器上的Oracle数据库和Web应用程序

Oracle Database and web app on weblogic server

谢谢

推荐答案

是的，有可能。
我不确定如何配置服务器（我只是从客户端的角度使用过），但是可以按照此页面： 使用Oracle JDBC瘦驱动程序的SSL 。
（Oracle似乎正在对网站进行更改，因此如果它移动了，请寻找标题。）

Yes, it's possible. I'm not sure how to configure the server (I've only used it from the client's perspective), but the JDBC driver can be configured as described from the link on this page: "SSL With Oracle JDBC Thin Driver". (Oracle seem to be making changes to the website so if it moves, look for the title.)

请注意， 案例＃1 ：仅将SSL用于加密，仅此而已，实际上并不能增强安全性。如果您确实需要安全性，那么至少还需要服务器身份验证。
仅加密就像是与您未验证身份的人秘密交换信息：这不是特别有用。通常，在确定密匙是他们所说的真实身份之后，您只希望将其告知打算的密匙接收者。
由于这个原因，应避免使用匿名密码套件（如本文档所述，但不特定于Oracle JDBC SSL / TLS连接）。客户端身份验证可能不太重要，具体取决于您的上下文。

Note that that "Case #1: Use SSL for encryption only", is just that, which doesn't really enforce security. If you really want security, you'll also want server authentication at least. Encryption-only is like exchanging information secretly with someone whose identity you haven't verified: it's not particularly useful. Usually, you'll want to tell secrets only to the intended recipients of the secrets, after making sure they're who they say they are. The anonymous cipher suites (as described in this document, but not specific to Oracle JDBC SSL/TLS connections) are the ones to avoid for this reason. Client authentication is probably less important, depending on your context.

这篇关于我可以使用远程数据库服务器配置SSL吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！