search

sijms / go-ora

Pure go oracle client
MIT License
795 stars 176 forks source link

SSL connection without using wallet. #529

Closed abd-770 closed 5 months ago

abd-770 commented 6 months ago

I'm trying to connect to Oracle DB with SSL without using wallet and I'm getting "tls: handshake failure" Below is my code. Can anyone try to help me on this case. 

package main
import (
    "context"
    "crypto/rsa"
    "crypto/tls"
    "crypto/x509"
    "database/sql"
    "fmt"
    "io/ioutil"
    "net"

    go_ora "github.com/sijms/go-ora/v2"
)

func main() {

    host := hostname
    username := username
    password := password
    sid := sidName

    port := portnumber

    ssl := true
    sslVerify := false

    var tlsConfig *tls.Config
    sslCertPath := "/Users/certificate.pem"
    sslCert, err := ioutil.ReadFile(sslCertPath)
    if err != nil {
        fmt.Println("failed to read SSL certificate file: ", err)
        return
    }

    tlsConfig = &tls.Config{
        RootCAs: x509.NewCertPool(),
    }

    if !tlsConfig.RootCAs.AppendCertsFromPEM(sslCert) {
        fmt.Println("Invalid SSL certificate format")
    }

    urlOptions := map[string]string{
        "TRACE FILE": "trace.log",
        "SID":        sid,
        "ssl":        fmt.Sprintf("%t", ssl),
        "ssl verify": fmt.Sprintf("%t", sslVerify),
    }

    connectionString := go_ora.BuildUrl(host, port, "", username, password, urlOptions)

    db, err := sql.Open("oracle", connectionString)
    if err != nil {
        panic(fmt.Errorf("error in sql.Open: %w", err))
    }
    defer func() {
        err = db.Close()
        if err != nil {
            fmt.Println("Can't close connection: ", err)
        }
    }()

    err = db.Ping()
    if err != nil {
        panic(fmt.Errorf("error pinging db: %w", err))
    }
    fmt.Println(connectionString)
}
sijms commented 6 months ago

You should use wallet. still I didn't make an option to set tls.Config

abd-770 commented 6 months ago

@sijms do you know how to add a certificate once new wallet is created using " func NewWallet() "

sijms commented 6 months ago

@sijms do you know how to add a certificate once new wallet is created using " func NewWallet() "

you should pass wallet path as url option in connection string wallet=path which is path to directory that contain cwallet.sso file