For years, Oracle SQL*Net offered a secured connection to the database and a prevalent unencrypted one. With the Zero Trust Architecture, that is no longer an option; you should get ready for end-to-end encryption in any environment, including your workstation.

I won't rephrase Oracle Database documentation on transport security and leave the comprehensive connection descriptor publication out of my scope.

I always wonder why SQL*Net offers a nice and clean "Easy Connection" format for plain connections and a TNS-formatted string for secured links.

According to the documentation, an easy connection descriptor is:


And the simplest security connection descriptor looks like this:


That kind of language gives a lot of grief to CLI enthusiasts and leads to errors-prone connection description. But to my amusement and great relief, SQL*Net and JDBC drivers are, in fact, URI-compliant. So, for testing and development purposes, you can use an easy and secure JDBC URL:


The main difference is a protocol descriptor tcps:// instructing the JDBC driver to use secured sockets. This connector URI works well for base-level configurations or development and testing purposes, while TNS descriptors have no alternative for advanced security settings and highly available environments.