What if EM doesn’t work or you did not select Enterprise Manager during WebLogic Domain Creation?
You are not allowed to use GUI like EM to configure/manage SSL in Oracle.
If you are in situation like me where GUI is not an option and only Command Line Interface (CLI) is allowed then you can use utility orapki to manage certificates in Wallet for OID.
Similar to keystore in WebLogic, you have wallet to store SSL certificate (both Identity & Trust certificate) for Oracle components managed by OPMN like Oracle Internet Directory (OID), Oracle HTTP Server (OHS), and Oracle Virtual Directory (OVD).
In this post I am going to show how to create Wallet, create Certificate Signing Request (CSR) and importing Certificates (Identity and Trust).
1. To create wallet
orapki wallet create -wallet [wallet_location]
orapki wallet create -wallet /u01/app/oracle/admin/oid_inst1/OID/admin/myWalletDir
2. To Display certificates in wallet
orapki wallet display -wallet [wallet_location]
orapki wallet display -wallet /u01/app/oracle/admin/oid_inst1/OID/admin/myWalletDir
3. To add a trusted certificate to an Oracle wallet:
orapki wallet add -wallet wallet_location -cert certificate_location -trusted_cert -auto_login_only
4. To add a user certificate to an Oracle wallet:
orapki wallet add -wallet wallet_location -cert certificate_location -user_cert -auto_login_only
Note: In above wallet, you can see 1 User Certificate (Identity Certificate ) and 6 Trusted Certificate (Certifying Authority certificate)
Did you get a chance to download FREE Guide on Oracle Secure Sockets Layer (now Transport Layer Security TSL), download it here http://k21academy.com/fmw-interview-question
Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Oracle Gold Partner specialising in Design, Implement, and Trainings.
Find Us On