Setup Oracle SSL Listener

Question

I am trying to create an Oracle Database container that has an SSL enabled listener for connections.

But I am having trouble getting the listener to start.

I have tried many configurations but here is where I am stuck:

File structure:

[oracle@361ebc8481f2 /]$ ls -la $ORACLE_HOME/network/admin
total 24
drwxr-xr-x 1 oracle oinstall 4096 Mar 11 17:45 .
drwxr-xr-x 1 oracle oinstall 4096 Feb 26 16:36 ..
lrwxrwxrwx 1 root   root       44 Feb 26 17:07 listener.ora -> /opt/oracle/oradata/dbconfig/XE/listener.ora
drwxr-xr-x 2 oracle oinstall 4096 Feb 26 16:36 samples
-rw-r--r-- 1 oracle oinstall 1441 Aug 26  2015 shrept.lst
-rw-r--r-- 1 root   root      188 Mar 11 17:45 sqlnet.backup
-rw-r----- 1 oracle oinstall  589 Mar 11 17:45 sqlnet.ora
lrwxrwxrwx 1 root   root       44 Feb 26 17:07 tnsnames.ora -> /opt/oracle/oradata/dbconfig/XE/tnsnames.ora

sqlnet.ora:

[oracle@e05203241582 /]$ cat $ORACLE_HOME/network/admin/sqlnet.ora
# sqlnet.ora Network Configuration File: /opt/oracle/product/18c/dbhomeXE/network/admin/sqlnet.ora
# Generated by Oracle configuration tools.

NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)

WALLET_LOCATION =
   (SOURCE =
     (METHOD = FILE)
     (METHOD_DATA =
       (DIRECTORY = /u01/app/oracle/wallet)
     )
   )

# General Settings
SSL_CLIENT_AUTHENTICATION = FALSE
# SSL_SERVER_DN_MATCH = FALSE
# SSL_CIPHER_SUITES = (TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256)

# SQLNET Settings
SQLNET.AUTHENTICATION_SERVICES = (TCPS,NTS,BEQ)
# SQLNET.WALLET_OVERRIDE = TRUE

listener.ora:

oracle@e05203241582 /]$ cat $ORACLE_HOME/network/admin/listener.ora
# listener.ora Network Configuration File:
         SID_LIST_LISTENER =
           (SID_LIST =
             (SID_DESC =
               (SID_NAME = PLSExtProc)
               (ORACLE_HOME = /opt/oracle/product/18c/dbhomeXE)
               (PROGRAM = extproc)
             )
           )

         LISTENER =
           (DESCRIPTION_LIST =
             (DESCRIPTION =
               (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
               (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))
              )
           )

          SID_LIST_LISTENER2 =
           (SID_LIST =
             (SID_DESC =
               (SID_NAME = PLSExtProc)
               (ORACLE_HOME = /opt/oracle/product/18c/dbhomeXE)
               (PROGRAM = extproc)
             )
           )

         LISTENER2 =
           (DESCRIPTION_LIST =
             (DESCRIPTION =
               (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
               (ADDRESS = (PROTOCOL = TCPS)(HOST = 0.0.0.0)(PORT = 1522))
              )
           )

         DEFAULT_SERVICE_LISTENER = (XE)
         DEFAULT_SERVICE_LISTENER2 = (XESSL)

WALLET_LOCATION =
  (SOURCE =
    (METHOD = FILE)
    (METHOD_DATA =
      (DIRECTORY = /u01/app/oracle/wallet)
    )
  )

SSL_CLIENT_AUTHENTICATION = FALSE
# SSL_SERVER_DN_MATCH = FALSE

tnsnames.ora:

[oracle@e05203241582 /]$ cat $ORACLE_HOME/network/admin/tnsnames.ora
# tnsnames.ora Network Configuration File:

XE =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = XE)
    )
  )

LISTENER_XE =
  (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))

XEPDB1 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = XEPDB1)
    )
  )

XESSL =
  (DESCRIPTION =
      (ADDRESS = (PROTOCOL = TCPS)(HOST = 0.0.0.0)(PORT = 1522))
      (CONNECT_DATA =
        (SERVER = DEDICATED)
        (SERVICE_NAME = XESSL)
      )
  )

LISTENER2_XESSL =
  (ADDRESS = (PROTOCOL = TCPS)(HOST = 0.0.0.0)(PORT = 1522))

XEPDB1SSL =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCPS)(HOST = 0.0.0.0)(PORT = 1522))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = XEPDB1SSL)
    )
  )

EXTPROC_CONNECTION_DATA =
  (DESCRIPTION =
     (ADDRESS_LIST =
       (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
     )
     (CONNECT_DATA =
       (SID = PLSExtProc)
       (PRESENTATION = RO)
     )
  )

Okay so when I start the server LISTENER is running but LISTENER2 is not:

[oracle@e05203241582 /]$ lsnrctl status LISTENER

LSNRCTL for Linux: Version 18.0.0.0.0 - Production on 11-MAR-2021 18:06:01

Copyright (c) 1991, 2018, Oracle.  All rights reserved.

Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias                     LISTENER
Version                   TNSLSNR for Linux: Version 18.0.0.0.0 - Production
Start Date                11-MAR-2021 18:00:28
Uptime                    0 days 0 hr. 5 min. 33 sec
Trace Level               off
Security                  ON: Local OS Authentication
SNMP                      OFF
Listener Parameter File   /opt/oracle/product/18c/dbhomeXE/network/admin/listener.ora
Listener Log File         /opt/oracle/diag/tnslsnr/e05203241582/listener/alert/log.xml
Listening Endpoints Summary...
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=e05203241582)(PORT=1521)))
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=127.0.0.1)(PORT=5500))(Security=(my_wallet_directory=/opt/oracle/admin/XE/xdb_wallet))(Presentation=HTTP)(Session=RAW))
Services Summary...
Service "XE" has 1 instance(s).
  Instance "XE", status READY, has 1 handler(s) for this service...
Service "XEXDB" has 1 instance(s).
  Instance "XE", status READY, has 1 handler(s) for this service...
Service "bc414e16d5db0a27e053020011ac7dda" has 1 instance(s).
  Instance "XE", status READY, has 1 handler(s) for this service...
Service "xepdb1" has 1 instance(s).
  Instance "XE", status READY, has 1 handler(s) for this service...
The command completed successfully

[oracle@e05203241582 /]$ lsnrctl status LISTENER2

LSNRCTL for Linux: Version 18.0.0.0.0 - Production on 11-MAR-2021 18:06:26

Copyright (c) 1991, 2018, Oracle.  All rights reserved.

TNS-01101: Could not find listener name or service name LISTENER2

If I try to start LISTENER2 I get:

[oracle@e05203241582 /]$ lsnrctl start LISTENER2

LSNRCTL for Linux: Version 18.0.0.0.0 - Production on 11-MAR-2021 18:07:49

Copyright (c) 1991, 2018, Oracle.  All rights reserved.

Starting /opt/oracle/product/18c/dbhomeXE/bin/tnslsnr: please wait...

TNSLSNR for Linux: Version 18.0.0.0.0 - Production
System parameter file is /opt/oracle/product/18c/dbhomeXE/network/admin/listener.ora
Log messages written to /opt/oracle/diag/tnslsnr/e05203241582/listener2/alert/log.xml
TNS-01151: Missing listener name, LISTENER2, in LISTENER.ORA

Listener failed to start. See the error message(s) above...

But it does exist in that file.

Is there something else I need to configure to get this listener to start correctly?

Sorry I know throwing a bunch of outputs into a stack overflow question isn't great, but I haven't been able to find a way to resolve this for a couple of days. Any help would be appreciated.

Just an observation. Your links are owned by root and not by oracle. — Bjarte Brandt, Mar 11 '21 at 19:22
It's a symbolic link. Permissions on the link don't matter. The files are still owned by oracle. — KyleAure, Mar 11 '21 at 20:11

Setup Oracle SSL Listener

0 Answers0

Linked