Hello everyone. Today we wanted to tell you about our experience in creating an Oracle wallet to access the database in version 19c. We already published an entry to do it in 11g and 12c in the following entry:
https://www.gpsos.es/2019/01/crear-wallet-oracle-certificado-p12/
When performing the same operation in Oracle 19c we have encountered a failure in one of the steps, specifically in step:
orapki wallet pkcs12_to_jks -wallet ewallet.p12 -pwd test123 -jksKeyStoreLoc ewallet.jks -jksKeyStorepwd test123
The error that appears is:
Unable to perform operation: null
When reviewing we see that there is no information in the logs or in metalink that gives us a clue of what may be happening, so we are going to do it in another way.
Create Oracle Wallet for version 19c
We load the version 19c variables:
. oraenv ORACLE_SID = []? TEST19 The Oracle base has been changed to / opt / oracle
Our certificate is called test1.gpsos.es.cer and the key test1.gpsos.es.key :
certified cd openssl pkcs12 -export -in test1.gpsos.es.cer -inkey test1.gpsos.es.key -certfile CA.cer -out ewallet.p12
We enter our password for the certificate
- The first step is convert from p12 to jks
keytool -v -importkeystore -srckeystore ewallet.p12 -srcstoretype PKCS12 -destkeystore ewallet.jks -deststoretype JKS
We import all associated certificates:
keytool -import -alias Root -keystore ewallet.jks -trustcacerts -file CA.cer keytool -import -alias Intermediate -keystore ewallet.jks -trustcacerts -file CA.cer keytool -list -keystore ewallet.jks
- We create an empty wallet where to import the new certificates:
mkdir / home / oracle / certificates / wallet orapki wallet create -wallet / home / oracle / certificates / wallet -pwd test123 -auto_login -pwd test123
- We convert the jks file to wallet :
orapki wallet jks_to_pkcs12 -wallet / home / oracle / certificates / wallet -pwd test123 -keystore ./ewallet.jks -jkspwd test123
- We copy the wallet to its final route:
cd / home / oracle / certificates / wallet chown oracle: dba ewallet.p12 cwallet.sso chmod 640 ewallet.p12 cwallet.sso mkdir -p /app/oracle/product/19.3.0.0/db_1/owm/wallets/oracle cp / home / oracle / certificates / wallet / * /app/oracle/product/19.3.0.0/db_1/owm/wallets/oracle
Once finished we can call owm and check that the wallet opens correctly and we have our certificates available.
If you have questions about how to create the Wallet or if you prefer us to do it, contact us without obligation. We can also advise you and assess your environment if you wish. We can help you if you are experiencing slowness problems, crashes, database engine version update, migrations, etc. Ask for information without obligation and we will assess your case. We are experts in Databases such as Oracle, SQL Server, MySQL, MongoDB …
We hope you find it useful and save you problems when working with this functionality. See you in next innings.
If you don’t want to miss any of our publications, subscribe to our newsletter. With a single email a month you will be informed of all our entries.
Still do not know Query Performance ? Find out how it can help you in your Oracle environment. More information on their page LinkedIn .
Follow GPS on LinkedIn
More information in the official documentation: https://docs.oracle.com/middleware/1213/wls/JDBCA/oraclewallet.htm#JDBCA596