Oracle has introduced a new security feature, Oracle Advanced security, for Oracle databases. This feature provides better data encryption other advanced security features to secure user data. For more details on OAS, please refer: http://www.oracle.com/technetwork/database/options/advanced-security/overview/index.html

After enabling this feature with an Oracle database, a user can create the connection using the connection string provided by Oracle with the help of Oracle JBDC drivers. However, when creating the secure connection using ColdFusion, there is an error when using the basic connection string. The error message is shown below:

Basic Connection String:

jdbc:macromedia:oracle://<our DB server host name here>:1521;ServiceName=CF;ConnectionRetryCount=3;ConnectionRetryDelay=3;LoadBalancing=true;failover=true;jdbcbehavior=0;

Connection verification failed for data source: oracle_encrypted

java.sql.SQLException: [Macromedia][Oracle JDBC Driver]ORA-12660: Encryption or crypto-checksumming parameters incompatible

The root cause was that: java.sql.SQLException: [Macromedia][Oracle JDBC Driver]ORA-12660: Encryption or crypto-checksumming parameters incompatible

The Macromedia driver, which ships with ColdFusion fully supports Oracle Advanced security. Before applying the fix, check the Encryption Type (or example, AES256, AES128, 3DES168) and DataIntegrityTypes (ex. MD5 etc). You can find these details in TNS.ORA file, also check with the DBA for these details.

Follow the steps below:

1. Verify the connection string:
   URL:jdbc:macromedia:oracle://HOST_Name:PORT;SERVICENAME=SERVICE_NAME;jdbcbehavior=0;EncryptionLevel=required;EncryptionTypes=(AES256, AES128, 3DES168);DataIntegrityLevel=required;DataIntegrityTypes=(MD5);
   Driver Class:  macromedia.jdbc.MacromediaDriver

2. Log in to ColdFusion Administrator. Click Data & Services > Data Sources. Chose OAS as the data source and other as Driver. Click Add.

3. Add the URL, Driver Class, and Username/Password 

Note: Once you click Submit, you may receive an error that refers to Unlimited Policy exception.

Connection verification failed for data source: oracle_encrypted

java.sql.SQLException: [Macromedia][Oracle JDBC Driver]Failure due to insufficient maximum key length according to the installed JCE jurisdiction policy files. Please install “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files

The root cause was that: java.sql.SQLException: [Macromedia][Oracle JDBC Driver]Failure due to insufficient maximum key length according to the installed JCE jurisdiction policy files. Please install “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files

To resolve that the issue, download the Unlimited Policy jar from Oracle website link given below

http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

• Extract the zip.

• Stop ColdFusion service, go to this folder: ColdFusion2016jrelibsecurity. Take the backup of entire folder “security” and replace the files which you extracted from ZIP.

• Restart ColdFusion and try again.