Checking the alert log of some of one of the instances we have recently upgraded to 12.2 I noticed the following error message occurring frequently:
NI cryptographic checksum mismatch error: 12599. VERSION INFORMATION: TNS for Linux: Version 12.2.0.1.0 - Production Oracle Bequeath NT Protocol Adapter for Linux: Version 12.2.0.1.0 - Production TCP/IP NT Protocol Adapter for Linux: Version 12.2.0.1.0 - Production Time: 06-APR-2017 11:38:05 Tracing to file: Tns error struct: ns main err code: 12599 TNS-12599: TNS:cryptographic checksum mismatch ns secondary err code: 12656 nt main err code: 0 nt secondary err code: 0 nt OS err code: 0
Comparing with entries in listener.log file, I identified that these corresponded to connections from Enterprise Manager. Reproducing the issue was easy, I navigated to the database in Enterprise Manager, went through the menus “Oracle Database->Target Setup->Monitoring Configuration” and clicked on the “Test Connection button”.
Every time the test succeeded, but the message was appended to the alert log.
MOS note 1927120.1 goes into some detail about the error message, including the fact that is is safe to ignore. It should be resolved when Enterprise Manager is updated to include latest JDBC driver.
One option listed to prevent the issue appearing in the alert log is to set DIAG_ADR_ENABLED=OFF in sqlnet.ora (it will be then instead be logged to sqlnet.log).
I found that setting the following two parameters in sqlnet.ora also meant the warning did not occur (setting either parameter by itself was not sufficient).
- SQLNET.CRYPTO_CHECKSUM_SERVER=rejected
- SQLNET.ENCRYPTION_SERVER=rejected
Hello Patrick,
thank You very much for Your Blog! We had the same problem on our 12.2 databases and Cloud Control. Your Information was very helpfully!
I wish You a nice time without lots of oracle bugs….
with best regards
Stefan
What would be the fun in that? 🙂 Happy to help
I would like to add, same error occurs when connecting from SQL-Developer 17.2.0.188 to database 12.2