ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Support for encrypted Oracle in Advanced Authentication/Strong Authentication/Risk Authentication

book

Article ID: 236885

calendar_today

Updated On:

Products

CA Risk Authentication CA Advanced Authentication CA Strong Authentication

Issue/Introduction

We are trying to switch to using Oracle Advanced Security for DB connections. However, we are receiving this error in Riskfort/Risk Authentication startup:

Fri Mar 11 11:50:23.787 2022 WARNING: pid 21064 tid 21064: 2: 0: ArDBConnection::connect: Connection to database [arcotdsn]. user [FDSARCOT_ASU] failed. Error detail [SQL State:HY000, Native Code: FFFFFFFF, ODBC code: [AA][ODBC Oracle Wire Protocol driver][Oracle]ORA-12660: Encryption or crypto-checksumming parameters incompatible] 

The database requires SHA256. I assume the problem is that Riskfort/Risk Authentication does not use the latest ODBC driver 8.0.2 which added this and only support SHA1 now:

https://www.progress.com/odbc/release-history/oracle-database-odbc

Could you please confirm the driver version used in Riskfort/Risk Authentication 9.0 and 9.1? What are the actions we need to take to be able to base using AES256?

Environment

Release : 9.1.x

Component : Strong Authentication

Risk Authentication

Resolution

Encrypted Oracle and SQL server database feature is added in the 9.1SP2 release of Advanced Authentication. Please see below in the document link.

New Features and Enhancements in Advanced Authentication 9.1SP2

  • Support for encrypted databases
    This release of Advanced Authentication lets you run Advanced Authentication against encrypted Oracle and SQL Server databases.

Additional Information

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/advanced-authentication/9-1/release-notes-9-1/new-features-and-enhancements.html