To secure the communication between the various Oracle Globally Distributed Database components in a distributed environment, Oracle recommends that you use Oracle Database Native Network Encryption or the TCPS protocol and Transport Layer Security (TLS) for all connections to, and between, the shard catalog and shards.

For information about configuring this security feature, see the documents based on the types of database you plan to run shards on.

• Autonomous Database

  For Oracle Autonomous Database, TLS is already enabled by default, and you only need to create the remaining security infrastructure, such as vaults, keys, and certificate resources on OCI.

• Base Database Service

  For Base Database Service on OCI you will need to enable TLS using the information in Configure TCP/IP with SSL/TLS for Sharding – GSM OCI Mode (Doc ID 2881390.1)

• On-Premises

  For on-premises databases, see Configure TCP/IP with SSL/TLS for Sharding – GSM JDBC THIN MODE (Doc ID 2881420.1)

More information is also available in Configuring Oracle Database Native Network Encryption and Data Integrity and Configuring Secure Sockets Layer Authentication