Re: Oracle Wallet

From: Øyvind Isene <oyvind.isene_at_gmail.com>
Date: Thu, 1 Sep 2022 08:25:22 +0200
Message-ID: <CAF+iMcGZMhzAqED9scm+Du_DYbiBVs4Rwv2zT0nv+dv5zNgJ7w_at_mail.gmail.com>

You can always try creating a new wallet with -auto_login

But I have no experience with that error.

ons. 31. aug. 2022 kl. 20:29 skrev Scott Canaan <srcdco_at_rit.edu>:

> I created a new wallet in a new directory (under the umbrella wallets
> directory). Now when he tries to use it, he gets "ORA-29106: Cannot
> import PKCS #12 wallet". I’m thinking it’s because the wallet wasn’t
> created with auto_login. Can that be changed now?
>
>
>
> *Scott Canaan ‘88*
>
> *Sr Database Administrator *Information & Technology Services
> Finance & Administration
>
>
> *Rochester Institute of Technology *o: (585) 475-7886 | f: (585) 475-7520
>
> *srcdco_at_rit.edu <srcdco_at_rit.edu>* | c: (585) 339-8659
>
> *CONFIDENTIALITY NOTE*: The information transmitted, including
> attachments, is intended only for the person(s) or entity to which it is
> addressed and may contain confidential and/or privileged material. Any
> review, retransmission, dissemination or other use of, or taking of any
> action in reliance upon this information by persons or entities other than
> the intended recipient is prohibited. If you received this in error, please
> contact the sender and destroy any copies of this information.
>
>
>
> *From:* oracle-l-bounce_at_freelists.org <oracle-l-bounce_at_freelists.org> *On
> Behalf Of *Øyvind Isene
> *Sent:* Wednesday, August 31, 2022 5:48 AM
> *To:* gogala.mladen_at_gmail.com
> *Cc:* oracle-l <oracle-l_at_freelists.org>
> *Subject:* Re: Oracle Wallet
>
>
>
> Did you verify the certificate you are adding? If it is x509 you can
> display it with
>
>
>
> openssl x509 -in claws_pvt.pem -text -noout
>
>
>
> To show the content of the wallet
>
>
>
> orapki wallet display -wallet ebsadevl_wallet
>
>
>
> I always store ssl certificates in a wallet separate from db-wallet and
> tde-wallet, in the UTL_HTTP-package you can set the path to the wallet as a
> parameter. Also if you are using UTL_HTTP, only the root certificates
> should be necessary. When I run into problems with certification validation
> problems in PL/SQL I use the EXECUTE DBMS_SESSION.RESET_PACKAGE; after
> each change I do on the wallet. Sometimes it is easiest to just start over
> with an empty wallet (this is material for a blog post, I have seen some
> strange behaviour here). Either create a new one or delete the certs in it:
>
>
>
> orapki wallet remove -wallet . -trusted_cert_all
>
>
>
> I use this command to add certificates:
>
>
>
> orapki wallet add -wallet $PWD/ssl -trusted_cert -cert filename
>
>
>
>
>
>
>
> ons. 31. aug. 2022 kl. 00:43 skrev Mladen Gogala <gogala.mladen_at_gmail.com
> >:
>
> On 8/30/22 10:40, Scott Canaan wrote:
>
> We have an Oracle wallet that has 3 trusted entries. One of our users
> sent a .pem file and wants it added to the wallet. I’ve tried adding it
> and the command completes successfully, but nothing changes in the wallet.
> He says it can be done, but I can’t figure out how to do it.
>
>
>
> The command I used is:
>
>
>
> orapki wallet add -wallet ebsadevl_wallet/ -cert claws_pvt.pem
>
>
>
> oracle_at_ebsadevl1:EBSADEVL>orapki wallet add -wallet ebsadevl_wallet/
> -cert claws_pvt.pem
>
> Oracle PKI Tool Release 19.0.0.0.0 - Production
>
> Version 19.4.0.0.0
>
> Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights
> reserved.
>
>
>
> Enter wallet password:
>
> Operation is successfully completed.
>
>
>
> How do I add this cert to the wallet?
>
>
>
>
> *Scott Canaan ‘88 *
> *Sr Database Administrator *Information & Technology Services
> Finance & Administration
>
>
> *Rochester Institute of Technology *o: (585) 475-7886 | f: (585) 475-7520
>
> *srcdco_at_rit.edu <srcdco_at_rit.edu>* | c: (585) 339-8659
>
> *CONFIDENTIALITY NOTE*: The information transmitted, including
> attachments, is intended only for the person(s) or entity to which it is
> addressed and may contain confidential and/or privileged material. Any
> review, retransmission, dissemination or other use of, or taking of any
> action in reliance upon this information by persons or entities other than
> the intended recipient is prohibited. If you received this in error, please
> contact the sender and destroy any copies of this information.
>
>
>
> Hi Scott!
>
> As far as I remember, the command is:
>
> orapki wallet add -wallet wallet_location -trusted_cert -cert certificate_location
>
>
>
> I got this from a browser bookmark:
>
>
>
> https://docs.oracle.com/database/121/DBSEG/asoappf.htm#DBSEG610
>
>
>
> Are you testing TDE or TCPS listener?
>
> Regards
>
> --
>
> Mladen Gogala
>
> Database Consultant
>
> Tel: (347) 321-1217
>
> https://dbwhisperer.wordpress.com
>
>
>
>
> --
>
> Øyvind Isene
>
> +47 90864882
>

-- 
Øyvind Isene
+47 90864882

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Sep 01 2022 - 08:25:22 CEST

This message: [ Message body ]
Next message: niall.litchfield_at_gmail.com: "Re: Oracle Wallet"
Previous message: Pap: "Re: Question on sql plan management"
Next in thread: niall.litchfield_at_gmail.com: "Re: Oracle Wallet"
Reply: niall.litchfield_at_gmail.com: "Re: Oracle Wallet"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message