The question is based on having to deal with lots of automated processing (testing, mostly). As it stands, all the schemas used have the same well known password, which is stored in lots of configuration files, which is bad from a security perspective. Using encrypted passwords does not really cut it.
So the question is: Does Oracle DB allow the use of client certificates for authentication?
Is it possible to login to an Oracle schema using a certificate
certificateoracleSecurity
Related Question
- Is Oracle’s dbms_utility.get_hash_value algorithm documented do reverse engineered anywhere
- Mysql – Securing Your MySQL Server within your team
- SQLNET.ALLOWED_LOGON_VERSION=12 and JDBC thin client
- Securely manage and dynamically create multiple databases
- Sql-server – In SQL Server and using only client side encryption requests, can I use a different certificate for each client
- Why storing users passwords at all
- Sql-server – The certificate chain was issued by an authority that is not trusted
- Sql-server – SQL Server Encrypted Connections – Configuration Manager does not see Certificate
Best Answer
I would say that the answer is yes. I am working on encrypting my listener. But it would start with building a wallet. Since I use Linux i use cron and OS authentication for jobs that I want to run. You can do something similar with Windows. Just make sure that remote OS authentication is turned off.