Checking the alert log of some of one of the instances we have recently upgraded to 12.2 I noticed the following error message occurring frequently:
NI cryptographic checksum mismatch error: 12599. VERSION INFORMATION: TNS for Linux: Version 126.96.36.199.0 - Production Oracle Bequeath NT Protocol Adapter for Linux: Version 188.8.131.52.0 - Production TCP/IP NT Protocol Adapter for Linux: Version 184.108.40.206.0 - Production Time: 06-APR-2017 11:38:05 Tracing to file: Tns error struct: ns main err code: 12599 TNS-12599: TNS:cryptographic checksum mismatch ns secondary err code: 12656 nt main err code: 0 nt secondary err code: 0 nt OS err code: 0
Comparing with entries in listener.log file, I identified that these corresponded to connections from Enterprise Manager. Reproducing the issue was easy, I navigated to the database in Enterprise Manager, went through the menus “Oracle Database->Target Setup->Monitoring Configuration” and clicked on the “Test Connection button”.
Every time the test succeeded, but the message was appended to the alert log.
MOS note 1927120.1 goes into some detail about the error message, including the fact that is is safe to ignore. It should be resolved when Enterprise Manager is updated to include latest JDBC driver.
One option listed to prevent the issue appearing in the alert log is to set DIAG_ADR_ENABLED=OFF in sqlnet.ora (it will be then instead be logged to sqlnet.log).
I found that setting the following two parameters in sqlnet.ora also meant the warning did not occur (setting either parameter by itself was not sufficient).