Amazon Relational Database Service (Amazon RDS) for Oracle now supports ECC384 Certificate Authority with two new ECDSA cipher suites for Oracle Secure Socket Layer (SSL) and Oracle Enterprise Manager (OEM) Agent options in Oracle Database versions 19c and 21c. The ECC384 Certificate Authority and ECDSA cipher suites provide comparable security to the RSA certificate authorities while using shorter keys, and deliver faster encryption with lower CPU usage.
The new ECDSA cipher suites supported with this option are TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 and TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384. To use these cipher suites, select ECC384 (rds-ca-ecc384-g1) as the Certificate Authority for your Amazon RDS for Oracle database instances.
To learn more about adding SSL with ECDSA cipher suites, see Adding SSL option documentation. To learn more about modifying the OEM Agent to select ECDSA cipher suites, see Modifying OEM Agent Database settings documentation. To learn more about modifying a database instance to select rds-ca-ecc384-g1 Certificate Authority, see Modifying an Amazon RDS DB instance documentation.
Categories: general:products/amazon-rds-for-oracle,marketing:marchitecture/databases,general:products/aws-govcloud-us
Source: Amazon Web Services
