Re: Oracle Wallet

From: <niall.litchfield_at_gmail.com>
Date: Thu, 1 Sep 2022 09:13:59 +0100
Message-ID: <CABe10sZuLktXPX161H1aBL8TA5K=yhspf3Gx9nscDgkdYSwHSw_at_mail.gmail.com>

This time Reply All, - sorry Oyvind, I'll get the nag of tech one day.

Nor have I,seen this error but Google throws up https://support.oracle.com/epmos/faces/DocumentDisplay?id=2815506.1 which might be a match for you - and is frankly ridiculous

On Thu, Sep 1, 2022 at 7:25 AM Øyvind Isene <oyvind.isene_at_gmail.com> wrote:

>
> You can always try creating a new wallet with -auto_login
>
> But I have no experience with that error.
>
> ons. 31. aug. 2022 kl. 20:29 skrev Scott Canaan <srcdco_at_rit.edu>:
>
>> I created a new wallet in a new directory (under the umbrella wallets
>> directory). Now when he tries to use it, he gets "ORA-29106: Cannot
>> import PKCS #12 wallet". I’m thinking it’s because the wallet wasn’t
>> created with auto_login. Can that be changed now?
>>
>>
>>
>> *Scott Canaan ‘88*
>>
>> *Sr Database Administrator *Information & Technology Services
>> Finance & Administration
>>
>>
>> *Rochester Institute of Technology *o: (585) 475-7886 | f: (585) 475-7520
>>
>> *srcdco_at_rit.edu <srcdco_at_rit.edu>* | c: (585) 339-8659
>>
>> *CONFIDENTIALITY NOTE*: The information transmitted, including
>> attachments, is intended only for the person(s) or entity to which it is
>> addressed and may contain confidential and/or privileged material. Any
>> review, retransmission, dissemination or other use of, or taking of any
>> action in reliance upon this information by persons or entities other than
>> the intended recipient is prohibited. If you received this in error, please
>> contact the sender and destroy any copies of this information.
>>
>>
>>
>> *From:* oracle-l-bounce_at_freelists.org <oracle-l-bounce_at_freelists.org> *On
>> Behalf Of *Øyvind Isene
>> *Sent:* Wednesday, August 31, 2022 5:48 AM
>> *To:* gogala.mladen_at_gmail.com
>> *Cc:* oracle-l <oracle-l_at_freelists.org>
>> *Subject:* Re: Oracle Wallet
>>
>>
>>
>> Did you verify the certificate you are adding? If it is x509 you can
>> display it with
>>
>>
>>
>> openssl x509 -in claws_pvt.pem -text -noout
>>
>>
>>
>> To show the content of the wallet
>>
>>
>>
>> orapki wallet display -wallet ebsadevl_wallet
>>
>>
>>
>> I always store ssl certificates in a wallet separate from db-wallet and
>> tde-wallet, in the UTL_HTTP-package you can set the path to the wallet as a
>> parameter. Also if you are using UTL_HTTP, only the root certificates
>> should be necessary. When I run into problems with certification validation
>> problems in PL/SQL I use the EXECUTE DBMS_SESSION.RESET_PACKAGE; after
>> each change I do on the wallet. Sometimes it is easiest to just start over
>> with an empty wallet (this is material for a blog post, I have seen some
>> strange behaviour here). Either create a new one or delete the certs in it:
>>
>>
>>
>> orapki wallet remove -wallet . -trusted_cert_all
>>
>>
>>
>> I use this command to add certificates:
>>
>>
>>
>> orapki wallet add -wallet $PWD/ssl -trusted_cert -cert filename
>>
>>
>>
>>
>>
>>
>>
>> ons. 31. aug. 2022 kl. 00:43 skrev Mladen Gogala <gogala.mladen_at_gmail.com
>> >:
>>
>> On 8/30/22 10:40, Scott Canaan wrote:
>>
>> We have an Oracle wallet that has 3 trusted entries. One of our users
>> sent a .pem file and wants it added to the wallet. I’ve tried adding it
>> and the command completes successfully, but nothing changes in the wallet.
>> He says it can be done, but I can’t figure out how to do it.
>>
>>
>>
>> The command I used is:
>>
>>
>>
>> orapki wallet add -wallet ebsadevl_wallet/ -cert claws_pvt.pem
>>
>>
>>
>> oracle_at_ebsadevl1:EBSADEVL>orapki wallet add -wallet ebsadevl_wallet/
>> -cert claws_pvt.pem
>>
>> Oracle PKI Tool Release 19.0.0.0.0 - Production
>>
>> Version 19.4.0.0.0
>>
>> Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights
>> reserved.
>>
>>
>>
>> Enter wallet password:
>>
>> Operation is successfully completed.
>>
>>
>>
>> How do I add this cert to the wallet?
>>
>>
>>
>>
>> *Scott Canaan ‘88 *
>> *Sr Database Administrator *Information & Technology Services
>> Finance & Administration
>>
>>
>> *Rochester Institute of Technology *o: (585) 475-7886 | f: (585) 475-7520
>>
>> *srcdco_at_rit.edu <srcdco_at_rit.edu>* | c: (585) 339-8659
>>
>> *CONFIDENTIALITY NOTE*: The information transmitted, including
>> attachments, is intended only for the person(s) or entity to which it is
>> addressed and may contain confidential and/or privileged material. Any
>> review, retransmission, dissemination or other use of, or taking of any
>> action in reliance upon this information by persons or entities other than
>> the intended recipient is prohibited. If you received this in error, please
>> contact the sender and destroy any copies of this information.
>>
>>
>>
>> Hi Scott!
>>
>> As far as I remember, the command is:
>>
>> orapki wallet add -wallet wallet_location -trusted_cert -cert certificate_location
>>
>>
>>
>> I got this from a browser bookmark:
>>
>>
>>
>> https://docs.oracle.com/database/121/DBSEG/asoappf.htm#DBSEG610
>>
>>
>>
>> Are you testing TDE or TCPS listener?
>>
>> Regards
>>
>> --
>>
>> Mladen Gogala
>>
>> Database Consultant
>>
>> Tel: (347) 321-1217
>>
>> https://dbwhisperer.wordpress.com
>>
>>
>>
>>
>> --
>>
>> Øyvind Isene
>>
>> +47 90864882
>>
> --
> Øyvind Isene
> +47 90864882
>

-- 
Niall Litchfield
Oracle DBA
http://www.orawin.info

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Sep 01 2022 - 10:13:59 CEST

This message: [ Message body ]
Next message: Beckstrom, Jeffrey: "RE: [EXTERNAL] Question on sql plan management"
In reply to Øyvind Isene: "Re: Oracle Wallet"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message