All of the databases are on Oracle 12.1 or later, most are 19c.
I did get it to work by setting the values in the oms config file, bouncing the
oms, and changing the crypto_checksum_client/server from REQUIRED to ACCEPTED.
I don’t know why I had to do that last part, but the JDBC would not connect
with it set to REQUIRED. The oms came up and it does connect to all of the
databases now.
At this point, I’m just going to leave it that way. The first thing Oracle
support said to do was to back out the sqlnet.ora changes. I didn’t want to do
that, so this is the compromise.
Scott Canaan ‘88
Sr Database Administrator
Information & Technology Services
Finance & Administration
Rochester Institute of Technology
o: (585) 475-7886 | f: (585) 475-7520
srcdco@xxxxxxx<mailto:srcdco@xxxxxxx> | c: (585) 339-8659
CONFIDENTIALITY NOTE: The information transmitted, including attachments, is
intended only for the person(s) or entity to which it is addressed and may
contain confidential and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon this
information by persons or entities other than the intended recipient is
prohibited. If you received this in error, please contact the sender and
destroy any copies of this information.
From: niall.litchfield@xxxxxxxxx <niall.litchfield@xxxxxxxxx>
Sent: Monday, October 31, 2022 11:34 AM
To: Scott Canaan <srcdco@xxxxxxx>
Cc: oracle-l@xxxxxxxxxxxxx
Subject: Re: Cloud Control Issue
Hi Scott
I think you'll need to follow both
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2376633.1 for the ;
repository and
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2782968.1 for the ;
targets. I'd also check that SHA512 is supported.
On Mon, Oct 31, 2022 at 1:56 PM Scott Canaan
<srcdco@xxxxxxx<mailto:srcdco@xxxxxxx>> wrote:
In trying to follow the request from Oracle support to reproduce the error with
tracing turned on, I discovered that the oms won’t even start. The log shows:
java.sql.SQLException: Oracle Error ORA-12650
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:855)
at
oracle.jdbc.driver.PhysicalConnection.connect(PhysicalConnection.java:924)
at
oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:58)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:760)
at
oracle.jdbc.pool.OracleDataSource.getPhysicalConnection(OracleDataSource.java:435)
at
oracle.jdbc.pool.OracleDataSource.getConnection(OracleDataSource.java:306)
at
oracle.jdbc.pool.OracleDataSource.getConnection(OracleDataSource.java:221)
at
oracle.jdbc.pool.OracleConnectionPoolDataSource.getPhysicalConnection(OracleConnectionPoolDataSource.java:149)
at
oracle.jdbc.pool.OracleConnectionPoolDataSource.getPooledConnection(OracleConnectionPoolDataSource.java:92)
at
oracle.jdbc.pool.OracleImplicitConnectionCache.makeCacheConnection(OracleImplicitConnectionCache.java:1745)
at
oracle.jdbc.pool.OracleImplicitConnectionCache.makeOneConnection(OracleImplicitConnectionCache.java:628)
at
oracle.jdbc.pool.OracleImplicitConnectionCache.getCacheConnection(OracleImplicitConnectionCache.java:577)
at
oracle.jdbc.pool.OracleImplicitConnectionCache.getConnection(OracleImplicitConnectionCache.java:454)
at
oracle.jdbc.pool.OracleDataSource.getConnection(OracleDataSource.java:542)
at
oracle.jdbc.pool.OracleDataSource.getConnection(OracleDataSource.java:510)
at
oracle.sysman.emSDK.core.util.jdbc.ConnectionCache._getConnection(ConnectionCache.java:433)
at
oracle.sysman.emSDK.core.util.jdbc.ConnectionCache._getConnection(ConnectionCache.java:394)
at
oracle.sysman.emSDK.core.util.jdbc.ConnectionCache.getUnwrappedConnection(ConnectionCache.java:814)
at
oracle.sysman.emSDK.svc.conn.FGAConnectionCache.getFGAConnection(FGAConnectionCache.java:212)
at
oracle.sysman.emSDK.svc.conn.ConnectionService.getPrivateConnection(ConnectionService.java:1279)
at
oracle.sysman.emSDK.svc.conn.ConnectionService.getPrivateConnection(ConnectionService.java:1294)
at
oracle.sysman.core.pbs.gcloader.PostloadJobExecutor.doWork(PostloadJobExecutor.java:327)
at
oracle.sysman.core.pbs.gcloader.PostloadJobExecutor.executeCommand(PostloadJobExecutor.java:177)
at
oracle.sysman.core.pbs.gcloader.LoaderjobWorker.doWork(LoaderjobWorker.java:285)
at oracle.sysman.core.common.workmanager.Work.call(Work.java:274)
at oracle.sysman.core.common.workmanager.Work.call(Work.java:50)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
There are many of these. I’m guessing there’s a configuration file somewhere
that needs to be adjusted to accommodate the new sqlnet.ora settings, but I
have no idea where it is.
Scott Canaan ‘88
Sr Database Administrator
Information & Technology Services
Finance & Administration
Rochester Institute of Technology
o: (585) 475-7886 | f: (585) 475-7520
srcdco@xxxxxxx<mailto:srcdco@xxxxxxx> | c: (585) 339-8659
CONFIDENTIALITY NOTE: The information transmitted, including attachments, is
intended only for the person(s) or entity to which it is addressed and may
contain confidential and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon this
information by persons or entities other than the intended recipient is
prohibited. If you received this in error, please contact the sender and
destroy any copies of this information.
From: oracle-l-bounce@xxxxxxxxxxxxx<mailto:oracle-l-bounce@xxxxxxxxxxxxx>
<oracle-l-bounce@xxxxxxxxxxxxx<mailto:oracle-l-bounce@xxxxxxxxxxxxx>> On Behalf
Of Scott Canaan
Sent: Monday, October 31, 2022 9:26 AM
To: 'oracle-l@xxxxxxxxxxxxx<mailto:oracle-l@xxxxxxxxxxxxx>'
<oracle-l@xxxxxxxxxxxxx<mailto:oracle-l@xxxxxxxxxxxxx>>
Subject: Cloud Control Issue
On Saturday, we updated all the sqlnet.ora files on all the database servers to
be more secure. The changes were to make both encryption and the
crypto-checksum required and to set the crypto-checksum value to SHA512 only.
This was also done on the cloud control server. Now, cloud control can’t
connect to any database. It gets an ORA-12650: No common encryption or data
integrity algorithm.
We are on cloud control 13.5 on Red Hat 8 and it is patched through August,
2022. I found an old metalink document about a bug, 28527508, but when I try
to apply it, I get an error saying that we aren’t at the correct version. I
expect it’s too old as it is from 2018.
Any ideas on how to fix this? I’m trying to open an SR, but they want a ton of
logs and files and I don’t really have the time to go back and forth with them.
Scott Canaan ‘88
Sr Database Administrator
Information & Technology Services
Finance & Administration
Rochester Institute of Technology
o: (585) 475-7886 | f: (585) 475-7520
srcdco@xxxxxxx<mailto:srcdco@xxxxxxx> | c: (585) 339-8659
CONFIDENTIALITY NOTE: The information transmitted, including attachments, is
intended only for the person(s) or entity to which it is addressed and may
contain confidential and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon this
information by persons or entities other than the intended recipient is
prohibited. If you received this in error, please contact the sender and
destroy any copies of this information.
--
Niall Litchfield
Oracle DBA
http://www.orawin.info
