Issue: TablePlus Cannot Connect to Oracle Over TCPS (TLS) – “Connection reset by peer”
Environment
- Device: MacBook Pro (16-inch, 2021)
- CPU: Apple Silicon
- RAM: 64 GB
- OS: macOS Sequoia 15.6.1
- TablePlus Version: Latest stable (as of Nov 2025)
- DB: Oracle 19c (remote, internal network)
- Connection type: TCPS (TLS encrypted)
Summary
TablePlus fails to connect to an Oracle database that requires TCPS.
The same connection (same host, port, service name, and credentials) works correctly in Oracle SQL Developer.
Even after providing valid CA certificates and enabling SSL mode in TablePlus, all connection attempts fail with:
OracleSQLError(code: connectionError,
underlying: POSIXErrorCode(rawValue: 54): Connection reset by peer)
This appears to be occurring before authentication, during or immediately after the TLS handshake.
What Works
1. SQL Developer
SQL Developer connects successfully using this JDBC descriptor:
jdbc:oracle:thin:@(DESCRIPTION=
(ADDRESS_LIST=
(ADDRESS=(PROTOCOL=tcps)(HOST=<redacted-host>)(PORT=<redacted-port>)))
(CONNECT_DATA=(SERVICE_NAME=<redacted-service>)))
SQL Developer is configured to use a JDK whose truststore includes the necessary internal root certificates:
SetJavaHome /Library/Java/JavaVirtualMachines/<jdk-dir>/Contents/Home
2. OpenSSL
TLS handshake from macOS succeeds using the same CA certificates:
openssl s_client \
-connect <redacted-host>:<redacted-port> \
-servername <redacted-host> \
-CAfile chain.pem
Result:
- Certificate chain verifies (
Verify return code: 0 (ok))
- TLS session established successfully
This confirms:
- The host/port are reachable
- The server certificate is valid
- The CA chain is correct
- No network restrictions are blocking the TLS handshake
Steps Taken in TablePlus
- Downloaded internal root CA certificates from our corporate certificate manager.
- Converted
.cer → .pem using OpenSSL.
- Combined them into a chain file:
cat root_ca_1.pem root_ca_2.pem > chain.pem
-
In TablePlus → Oracle Connection:
- Host:
<redacted-host>
- Port:
<redacted-port>
- Service name:
<redacted-service>
- SSL Mode: Required
- CA/PEM File: chain.pem
- Username/password: same as SQL Developer
-
Attempt to connect → always fails with:
OracleSQLError(code: connectionError,
underlying: POSIXErrorCode(rawValue: 54): Connection reset by peer)
Actual Behavior
TablePlus immediately disconnects with:
This indicates the server closed the connection, typically because:
- The client did not initiate a valid TCPS handshake, or
- The TLS parameters TablePlus sends do not match what Oracle expects, or
- TablePlus ignores the provided CA and retries as plain TCP, causing the listener to drop the socket.
Expected Behavior
TablePlus should be able to:
- Use the provided PEM CA file
- Initiate a proper Oracle TCPS handshake
- Successfully establish a secure connection to an Oracle 19c TCPS listener
Equivalent to:
- SQL Developer (JDBC thin driver)
- OpenSSL (
s_client)
Both of which work from the same machine using the same certificates.
Hypotheses
Based on the tests, the issue is likely one of the following:
- TablePlus Oracle driver does not fully support TCPS (TLS for Oracle).
- TablePlus ignores or misuses the provided CA PEM, causing the server to reject the client.
- Oracle-specific TCPS parameters (similar to
sqlnet.ora or JDBC “SSL_SERVER_DN_MATCH”) are not being set.
- The driver attempts plaintext TCP after STARTTLS or handshake mismatch, leading the server to immediately close the connection.
Because OpenSSL and SQLDeveloper both connect successfully, this does not appear to be a certificates, network, or server configuration issue.
Request for Clarification
Could you please confirm:
- Does TablePlus currently support Oracle TCPS (TLS) connections using PEM CA files?
- Is an Oracle Wallet required instead of PEM files?
- Is hostname verification / DN matching enforced and configurable?
- Does the Oracle driver used in TablePlus require additional TLS parameters?
- Are there known limitations with Oracle 19c TCPS connections on macOS?
Issue: TablePlus Cannot Connect to Oracle Over TCPS (TLS) – “Connection reset by peer”
Environment
Summary
TablePlus fails to connect to an Oracle database that requires TCPS.
The same connection (same host, port, service name, and credentials) works correctly in Oracle SQL Developer.
Even after providing valid CA certificates and enabling SSL mode in TablePlus, all connection attempts fail with:
This appears to be occurring before authentication, during or immediately after the TLS handshake.
What Works
1. SQL Developer
SQL Developer connects successfully using this JDBC descriptor:
SQL Developer is configured to use a JDK whose truststore includes the necessary internal root certificates:
2. OpenSSL
TLS handshake from macOS succeeds using the same CA certificates:
Result:
Verify return code: 0 (ok))This confirms:
Steps Taken in TablePlus
.cer→.pemusing OpenSSL.cat root_ca_1.pem root_ca_2.pem > chain.pemIn TablePlus → Oracle Connection:
<redacted-host><redacted-port><redacted-service>Attempt to connect → always fails with:
Actual Behavior
TablePlus immediately disconnects with:
This indicates the server closed the connection, typically because:
Expected Behavior
TablePlus should be able to:
Equivalent to:
s_client)Both of which work from the same machine using the same certificates.
Hypotheses
Based on the tests, the issue is likely one of the following:
sqlnet.oraor JDBC “SSL_SERVER_DN_MATCH”) are not being set.Because OpenSSL and SQLDeveloper both connect successfully, this does not appear to be a certificates, network, or server configuration issue.
Request for Clarification
Could you please confirm: