Thursday, September 26, 2013

Encrypted JDBC connection with Oracle Database

To protect sensitive data encryption is the standard way. Its highly recommended if you are dealing with sensitive data, the application database connection also need to be encrypted. In this article we will go through how to establish a secure JDBC connection to Oracle database.

 1) We need to turn on encryption in oracle server. We can do that by starting Oracle Net Manger. There we have to select Oracle Advance Security and in Encryption tab there is option to turn on Encryption for server.

2) Once the encryption for server is turned on. Next is how to establish a secure connection from Java.
JDBC driver has the capability to establish a encrypted connection. we have to pass necessary information as part of properties to do so. Here is documentation for that.

In this way we can establish encrypted connection. To test whether its working or not, we have to install some network sniffer tools. By that we can verify the exchanged data is encrypted or not. Another way is by turning on the tracing in Oracle Net Manger for network communication. And to check those trace for network traffic data is encrypted or not.