©2015, 2016, 2017, 2018 Chad’s Technoworks. Disclaimer and Terms of Use

Chad’s TechnoWorks My Journal On Technology

Information Technology

Oracle Advanced Security - page 2


ORACLE ADVANCED SECURITY CONFIGURATION


LAB SETUP


In my lab setup, I have used the Solaris Unix as my operating platform for my database. And to simulate my application environment, I use Linux as my operating environment for the client which is a common platform for application servers nowadays.

You may use the same procedures that I had mentioned below if you would like to use Windows as your client environment.


DATABASE SERVER

Hostname: pacific

OS: Solaris 10 Unix

Database name: ORA11PCI


CLIENT

Hostname: pacificnfs

OS: Linux




ORACLE WALLET AND SSL CERT SETUP


I. CREATE A WALLET ON SERVER AND CLIENT

You do this on both the server and the client hosts. The example below is on the database server part.


1. Launch the Oracle Wallet Manager


pacific:oradb> owm

 

Prev< 1 2 3 4 5 >Next

2. Create a New Wallet. (Wallet -> New)


Select yes to create a new wallet directory.

Enter your master password - in my case, Pa$$w0rd

Wallet type: Standard

You can optionally proceed to create a cert request if you intend to use SSL.

In my case, I decided to create later.

NOTE: the default ewallet.p12 file is located in the wallet folder at $ORACLE_HOME/owm/wallets/<osacct>


pacific:oradb> pwd

/dsk0/orabin/11gR2/product/11.2.0.4/db/owm/wallets/oradb


pacific:oradb> ls -l

total 10

-rw-------   1 oradb    orainst     4776 Nov  5 05:55 ewallet.p12

pacific:oradb>

II. CREATE A CERT REQUEST FOR DB SERVER


At the Operations menu, select Add Certificate Request.

At the Create Certificate Request window, supply the following info:

CN=pacific

OU=IT Database

O=MyCompany

L=Chicago

ST=IL


the rest are default:

keysize= 1024

DN=

III. CREATE A CERT REQUEST FOR CLIENT

Do the same as you did with the previous server cert request except the CN will be the client host.

CN=pacificnfs