Cannot connect to tcps Protocol for Oracle Database 18c (18.4.0) Express Edition (XE) image

[123wowow123]

Cannot connect to tcps Protocol for Oracle Database 18c (18.4.0) Express Edition (XE) image

Changing below protocol in ($ORACLE_HOME/network/admin/listener.ora) and restarting docker does not expose TCPS enable listener which can be checked by lsnrctl status command.

LISTENER = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCPS)(HOST = hostname)(PORT = 1521)) ... ) )

Also tried exposing a new port while doing docker initializing container with command -p 127.0.0.1:1532:1532 and adding new TCPS listener to instance does not work either.

[gvenzl]

HOST = hostname appears to be wrong, this should be HOST = <your hostname>, which changes with each new container.

The easiest way would be to say HOST = 0.0.0.0, binding any IP interface.

Also, you will need a certificate for the underlying encryption for SSL, see Enabling Secure Sockets Layer.

[123wowow123]

Hi, sorry I meant hostname as a variable above so I have tried with HOST = 0.0.0.0 This is what I have for configuration.

listener.ora

# listener.ora Network Configuration File:
         SID_LIST_LISTENER = 
           (SID_LIST =
             (SID_DESC =
               (SID_NAME = PLSExtProc)
               (ORACLE_HOME = /opt/oracle/product/18c/dbhomeXE)
               (PROGRAM = extproc)
             )
           )
         LISTENER =
           (DESCRIPTION_LIST =
             (DESCRIPTION =
               (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
               (ADDRESS = (PROTOCOL = TCPS)(HOST = 0.0.0.0)(PORT = 1521))
             )
           )

#Specify the wallet location with wallet_location parameter
wallet_location =
 (SOURCE=
  (METHOD=File)
  (METHOD_DATA=
   (DIRECTORY=/opt/oracle/admin/XE/xdb_wallet)
  )
 )
#This parameter should be false as listener is not going to authenticate the clients. It is the server process that authenticates the clients.
SSL_CLIENT_AUTHENTICATION=FALSE
#This parameter is recommended to force the use of TLS only
# Modified from 1.0 to 1.2 and added MD5 and SHA1 per Oracle Support 3-22332441278
SSL_VERSION=1.2
ACCEPT_MD5_CERTS=TRUE
ACCEPT_SHA1_CERTS=TRUE

sqlnet.ora

# sqlnet.ora Network Configuration File
# Generated by Oracle configuration tools.
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
wallet_location =
 (SOURCE=
  (METHOD=File)
  (METHOD_DATA=
   (DIRECTORY=/opt/oracle/admin/XE/xdb_wallet)
  )
 )

#Set the below parameter to TRUE, for users to be authenticated by Database with SSL certificates,
SSL_CLIENT_AUTHENTICATION=TRUE

tnsnames.ora

# tnsnames.ora Network Configuration File:
XE =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCPS)(HOST = 0.0.0.0)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = XE)
    )
  )
LISTENER_XE =
  (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))
XEPDB1 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = XEPDB1)
    )
  )
EXTPROC_CONNECTION_DATA =
  (DESCRIPTION =
     (ADDRESS_LIST =
       (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
     )
     (CONNECT_DATA =
       (SID = PLSExtProc)
       (PRESENTATION = RO)
     )
  )

[gvenzl]

Thanks @123wowow123, you will probably be better off asking your question over at the Oracle Database AskTOM forum than here. Folks over there can help you make sure that your configuration is correct. From a container perspective, if the listener doesn't listen on the TPCS protocol, there is not much the container can do about it.