How to connect CDP components to a TCPS-enabled Oracle database
Learn which CDP components support TCPS-enabled Oracle database and how to configure them to work with an TCPS-enabled Oracle database.
What is TCPS
TCPS is Transmission Control Protocol with SSL. It provides higher security between the database and CDP services than TCP alone.
List of CDP components and Runtime services that support TCPS-enabled Oracle database
The following CDP components can use a TCPS-enabled Oracle database starting with CDP 7.1.9:
- Cloudera Manager server
- Reports Manager
- Hive MetaStore
- Hue
- Schema Registry
- Streams Messaging Manager
- Oozie
- Sqoop
- Ranger
- Ranger KMS
High-level steps to configure and set up TCPS
In any TLS connection, there are two entities involved–a client and a server. In CDP, Cloudera
Manager and Runtime services are the clients and the Oracle database is the server.
- First, you enable TCPS on the Oracle database server, as described in Enabling TCPS for Oracle Database Server.
- Specify the JDBC URL or a connection string when you add the Runtime services in the Add service wizard using Cloudera Manager. Review the instructions for each supported service in Configuring runtime services to connect to TLS 1.2/TCPS-enabled databases.
You can also configure the existing Runtime services to connect to a TCPS-enabled Oracle database. See Configuring runtime services to connect to TLS 1.2/TCPS-enabled databases.
How to verify whether TCPS is enabled on your database
You can verify whether TCPS is successfully enabled on your Oracle database by running the
following
command:
SQL> select sys_context('userenv','network_protocol') from dual;
If TCPS is enabled, you see the following
output:
SYS_CONTEXT('USERENV','NETWORK_PROTOCOL')
----------------------------------------------------------------------
tcps
Alternatively, check whether the
PROTOCOL = TCPS
line is present in the
following configuration files:- listener.ora
- tnsnames.ora