Oracle DB - TCP router with TLS

do someone know if it is possible to use Traefik to secure an connection to an Oracle DB via TLS?
I just tried it, but I was not successful.
Here is my config:

static config

    address: ":1522"

dynamic config

        - "oracle-db"
      rule: "HostSNI(`*`)"
      service: oracle-db
      tls: {}

          - address: "localhost:1521"  

An connection from Oracle client is not possible. Just no reaction...
Without the TLS option everything is fine and the TCP router works as expected.

Hi @johannesschaefer

HostSNI(`*`) is for tcp routers without tls. You must use a hostname for TLS.

Thanks for the hint. But unfortunately still no connection possible. :frowning:

For me the question is the SSL setup of Oracle the same like the TLS setup of Traefik. Do I have to set special TLS parameters?,-tlsv12,-jks-or-oracle-wallets

Any idea?

Based on what I know from using sqplus and experience from other database clients/driver almost certainly you will have to change connection string or parameters.

This will be required: PROTOCOL=TCPS
Not sure if you can leave out the SECURITY=(ssl_server_cert_dn=", O=Oracle Corporation,L=Redwood City,ST=California,C=US")

we managed to get it working with Traefik and the TCPS setting. But we have to set the TLS version to 1.2.
Thanks for the support.

Thanks for your update @johannesschaefer

Do you suspect the java version restricting the TLS version to 1.2 ? Or rather, what version of java is it ?

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.