Connect to shared (PUBLIC ENDPOINT) autonomous database without a wallet (mTLS DISABLED)

Autonomous databases with public endpoint can relax the mTLS enforcement in order to allow insecure connections from legacy applications that can’t use a wallet for several reasons but, alt least, one ACL must be created in order to specify which remote addresses are allowed to cconnect.

STEP 1: Enable at least one ACL

Click [Edit] in Network/Access Control List section

Add IP’s or CIDR’s or VCN’s:

STEP2: DISABLE mTLS enforcement


Add descriptor to tnsnames.ora:

xxx = (description= (retry_count=20)(retry_delay=3)(address=(protocol=tcps)(port=1521)(", OU=Oracle BMCS FRANKFURT, O=Oracle Corporation, L=Redwood City, ST=California, C=US")))

Connect using the service descriptor:

/sqlcl/bin/sql app1@xxx
SQLcl: Release 21.4 Production on Thu Feb 10 14:33:58 2022
Copyright (c) 1982, 2022, Oracle.  All rights reserved.
Connected to:
Oracle Database 21c Enterprise Edition Release - Production
SQL> show connection

Tha’s all, hope it helps!!!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.