-2

I'm looking for a possibility to encrypt the connection to our Oracle database. I did find this post below:

How to encrypt FireDAC connection to use TLS/SSL in Delphi?

The only answer I see there is that we have to buy ($3000/developer, wow) and use a CData component.

Is FireDAC ready for using network encryption with an Oracle DB? If so, how do I configure that?

Mark Rotteveel
  • 100,966
  • 191
  • 140
  • 197
Paul Sinnema
  • 2,534
  • 2
  • 20
  • 33
  • If you use FireDAC you don't need ADO.Net so wire encryption is fully available. – user13964273 Dec 01 '22 at 22:29
  • @user13964273: I've added code that executes this SQL: 'SELECT sys_context(''USERENV'', ''NETWORK_PROTOCOL'') as network_protocol FROM dual'. If executed gives 'tcp' or 'tcps' as a result. Executing this gives 'tcp' (not secured). – Paul Sinnema Dec 02 '22 at 04:18
  • @user13964273 Our DBA's say they've configured everything needed to have a secure connection. What am I missing? – Paul Sinnema Dec 02 '22 at 04:19
  • Is your question about how to use encryption to Oracle (as suggested by the title and first paragraph and your comments), or about wire encryption to Firebird (the rest of the question body and the tags)? Please be clear and specific and ask only one question per question. Right now you seem to be asking at least three questions about two different products. – Mark Rotteveel Dec 02 '22 at 08:30
  • @MarkRotteveel You're right Mark. I edited the question. – Paul Sinnema Dec 02 '22 at 10:28
  • VPN is still the option. Even in local network. – user13964273 Dec 02 '22 at 12:22
  • @user13964273 Not possible. This is a native application connecting via the internal network. All users would have to use VPN even when the are on site. That is not going happen. – Paul Sinnema Dec 03 '22 at 21:21
  • I'm not looking for alternatives. I need a working solution. – Paul Sinnema Dec 03 '22 at 21:21

1 Answers1

1

Don’t know about FireDac secure connection, but we use third-party components for this. First of all – it’s not a good idea to leave Oracle DB open from anywhere on the internet, try to change your application architecture to use (for example) REST-API from the internet and secure vpn or closed part of the network between REST-Server and Oracle. If it’s not possible or the client is in “paranoid mode” then you can use Devart ODAC and Devart SecureBridge. This allows you to connect to Oracle securely. It's not free, but it's not $3,000 for a developer either. Here is a documentation how to use it: https://docs.devart.com/odac/ssl.htm

Softacom
  • 613
  • 2
  • 6
  • Thanks for the answer. Our Oracle connections are only unencrypted on the internal network. From the Internet a VPN connection is required. I’ll take a look at DevArt. – Paul Sinnema Dec 06 '22 at 12:31