Tuesday, October 10, 2017

Importing SSL user certificate to an Oracle Wallet

Oracle Wallet does not allow you to import a user certificate if the CSR was not generated in that wallet.

These instructions explain how to take your existing user cert and private key and generate a new Oracle Wallet with them. This is based off the instructions from the Oracle A-Team with some slight variation, so read that note first.

Run these instructions to create the ewallet.p12 file:
export JAVA_HOME=/u01/oracle/java 
export PATH=$JAVA_HOME/bin:$PATH

cat Trust.cer > combined.crt
cat Intermediate.cer >> combined.crt 
cat mycert.cer >> combined.crt

openssl pkcs12 -export -in combined.crt -inkey myprivatekey.key -out ewallet.p12

Afterwards, after running Oracle Wallet Manager, open the directory which contains the ewallet.p12 file (which essentially now becomes your Oracle Wallet directory), click on "Wallet > Auto Login > Exit".


1 comment:

Anonymous said...

When using cat, it will place -----END CERTIFICATE----- and -----BEGIN CERTIFICATE----- on one line. This will result in an error creating the ewallet.p12. Rather use notepad to create the combined.crt or combined.pem.