Support for passing additional SSL cipher suites for TLS connections · Issue #259 · oracle/python-oracledb (original) (raw)

Provide feedback

Appearance settings

Describe your new request in detail
Currently, oracledb uses only default cipher suites provided by python's SSLContext to make TLS connections. This limits connectivity to legacy Oracle DBs that use older Cipher suites like SSL_RSA_WITH_AES_256_CBC_SHA(AWS RDS's default cipher) which is not included in python's default security context.
We need a way to pass additional SSL cipher suites for establishing TLS connections. This could be done in multiple ways(Pass SSLContext to connect(), CIPHER_SUITES env var, etc).
Give supporting information about tools and operating systems. Give relevant product version numbers
This enhancement supports DBs using older Cipher suites for TLS.