Oracle Wallets – SSL/HTTPS OWM

OWM wallets ssl

Oracle Wallet is container/repository to store credentials like certificates, certificate request and private keys, and used if you wish to enable HTTPS.

* Oracle Wallets can be stored either on file system or LDAP Server (like OID)

Managing Wallets: You manage Oracle Wallets using Oracle Wallet Manager (owm – java based application). OWM is executable in $ORACLE_HOME/bin .
Using owm you can
i) create wallets
ii) create certificate request
iii) import certificate to wallet
iv) Upload wallet to directory

 wallets owm ssl oracle wallet manager

SSL Wallet Directive for Web/Oracle-Apache Server
Directive SSLWallet used in ssl.conf (or httpd.conf) is used to define location of wallets which contains SSL Key and request file

Related Docs

Metalink Note 344434.1  How to Find and Use Oracle Wallet Manager Documentation with Oracle Application Server and SSL

Managing Wallets (Oracle DOC) 
Question of day:How will you define Wallet location in httpd.conf if wallet is stored in OID instead of file system ?

About the Author Atul Kumar

Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.

follow me on:

Leave a Comment:

13 comments
mac says May 8, 2008

Hi,

I am planning to implement SSL over my OID server. I have followed the instructions from creating a new configset to creating a wallet but I want to have a local certificate (not coming from CA like verisign or thawte) just to test if ssl is working for my OID server.
How can I do that?

Reply
Atul says May 8, 2008

Mac,
OID server by default listen on SSL and Non SSL port so I am not sure what you are looking for or configuring ..

Do you mean you want to store certificate wallet in OID ?

Reply
Ans says September 4, 2009

How to enable SSL with genearted wallet

Reply
FN says September 7, 2010

Hi,

I am new to OAS, i have configured LDAP of my app with Microsoft AD, Now i want to configure SSL of OAS (HTTP Server) with Microsoft CA Authority.

What i have for SSL activity is as follows:
– Created a wallet by default: ewallet.p12
– CA root Certificate xxx.cer

How can i use my CA root Certificate with wallet so that enable ssl.
After that i will require SSLClientAuth required.

Reply
Atul Kumar says September 7, 2010

@ FN,
Use wallet manager , owm to import your CA’s root certificate as trusted certificate.

Then from owm generate certificate request for your OAS (enter website name “ServerName field of httpd.conf” as cn for certificate request). Give to your microsoft CA for signing. Get signed certificate back and import certificate in to wallet.

This will create wallet files in OHS (Oracle HTTP server). Then configure SSL on OHS as mentioned here here

(Steps may differ slightly based on your OHS)

Reply
jjohn says January 19, 2011

Atul,

My client has a certificate that can be used on any server within the domain. I want to import it into wallet. Is it enough if I import only this server.cer. What about the private key and the ca.cer?

Thanks
JJ

Reply
Atul Kumar says January 20, 2011

@ jjohn,
You must import CA certificate if they are are not already in Trusted Certificate list

Reply
Chandruhere4u says February 7, 2012

Hi Atul,

We are on soa suite 11.1.1.5.
I couldn/t find owm executable in my soa suite home (/u01/oracle/Middleware/).but we have owm in /u01/apps/oracle/rcuhome/bin.
when I run this, I am getting the below error.
Kindly suggest me how to resolve this..

[oracle@alvmnrvltsoa01 bin]$ ./owm
./owm: line 164: /ade/aime_rcuintegration_932542/rcuintegration/shiphome/rcuHome/jdk/jre//bin/java: No such file or directory
Done.

Thanks,
Chandru

Reply
Atul Kumar says February 7, 2012

@ Chandruhere4u,
You should not use owm (wallet Manager) for Fusion Middleware Products.

Use EM or WebLogic (depending on components for which you wish to use SSL).

What is your business requirement ?

Reply
chandruhere4u says February 7, 2012

Hi Atul,
Thanks for your reply…
We have a remote system which needs to be connected using ftps.. They have provided us with the certificate..
So kindly suggest me the way that i need take forward..

Thanks in adance..

Cheers
chandru

Reply
Atul Kumar says February 8, 2012

@ chandruhere4u

In my view, you should use FTPAdpter in SOA as explained in

http://docs.oracle.com/cd/E21764_01/integration.1111/e10231/adptr_file.htm#BABDIACD

and

For SFTP using ssh
http://docs.oracle.com/cd/E21764_01/integration.1111/e10231/adptr_file.htm#CACJIGEF

Reply
Anshul says June 15, 2012

HI Atul,

We have a Oracle EBS R12.1.2 system, which was running on a 10.2.0.5 database. Load Balancer is enabled. For security concern the scenario enable the SSL. Please let me know the how can i go ahead…

Regards,
Anshul

Reply
» Configure SSL for Oracle Internet Directory (OID) Online Apps DBA: One Stop Shop for Apps DBA’s says January 24, 2013

[…] and Certifying Authority’s (CA) certificates are stored in WALLETS (More on wallets here and here). Wallets can be managed by EM (Enterprise Manager) or WLST or orapki or […]

Reply
Add Your Reply

Not found