You would need to open up your Database connection settings to allow Wallet connection. These settings are done through Oracle SQLNET.ORA and TNSNAMES.ORA configuration file.
Applies to Oracle Wallet Manager, Wallet, Security, Weblogic, Oracle Database
Sample:
1. sqlnet.ora:
# sqlnet.ora Network Configuration File: /mysupport/etc/sqlnet.ora
# Generated by Oracle configuration tools.
NAMES.DIRECTORY_PATH= (LDAP, TNSNAMES, EZCONNECT, ONAMES, HOSTNAME)
SQLNET.WALLET_OVERRIDE=TRUE
WALLET_LOCATION=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/mysupport/home/users/shiva/mydir)))
2. tnsnames.ora
#TNSNAMES to point to the wallet name - ORACLE2
ORACLE2 =
(DESCRIPTION =
(ADDRESS = (PROTO = TCP)(HOST = myhost)(PORT = 1526))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = ORACLE)
)
)
Syntax: mkstore -wrl <wallet_location> -createCredential <tns alias> <user_name> <password>
Example:
mkstore -wrl /opt/oracle/mydir/wallet -createCredential ORACLE2 shivak password
[myos]/mysupport/home/users/shiva/mydir> mkstore -wrl /mysupport/home/users/shiva/mydir/test -create
Enter password: wallettest
Enter password again: wallettest
======================================
Step 2:
Syntax: mkstore -wrl <directory where the wallet needs to be created> -createCredential <tns_alias> <existing_user> <existing_passwd>
[myos]/mysupport/home/users/shiva/mydir> mkstore -wrl /mysupport/home/users/shiva/mydir/test -createCredential SHIVAV1023W shivak dbpw
Enter password: wallettest
Create credential oracle.security.client.connect_string1
======================================
Step 3: Check if WALLET is created
[myos]/mysupport/home/users/shiva/mydir> ls -l
total 36
-rw------- 1 mysupport udba 8316 Sep 30 13:27 cwallet.sso
-rw------- 1 mysupport udba 8288 Sep 30 13:27 ewallet.p12
-rw-r--r-- 1 mysupport udba 470 Sep 30 21:03 listener.ora
-rw-r--r-- 1 mysupport udba 318 Sep 30 13:16 sqlnet.ora
-rw-r--r-- 1 mysupport udba 196 Sep 30 20:57 tnsnames.ora
======================================
Step 4: Connection from SQLPLUS to test WALLET
[myos]/mysupport/home/users/shiva/mydir> sqlplus /@SHIVAV1023W
SQL*Plus: Release 10.2.0.1.0 - Production on Mon Sep 30 13:29:38 2013
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options
...
1. Oracle Database Security Guide
10g Release 2 (10.2)
B14266-09
Chapter 9 Secure External Password Store
URL: http://docs.oracle.com/cd/B19306_01/network.102/b14266/cnctslsh.htm
2. Oracle Fusion Middleware Administrator's Guide
11g Release 1 (11.1.1)
Part Number E10105-13
Chapter 8 Managing Keystores, Wallets, and Certificates
URL: http://docs.oracle.com/cd/E23943_01/core.1111/e10105/wallets.htm#CIHIHGJG
3. Oracle Database Advanced Security Administrator's Guide
11g Release 2 (11.2)
E40393-02
Section F orapki Utility
URL: http://docs.oracle.com/cd/E11882_01/network.112/e10746/asoappf.htm
Applies to Oracle Wallet Manager, Wallet, Security, Weblogic, Oracle Database
Sample:
1. sqlnet.ora:
# sqlnet.ora Network Configuration File: /mysupport/etc/sqlnet.ora
# Generated by Oracle configuration tools.
NAMES.DIRECTORY_PATH= (LDAP, TNSNAMES, EZCONNECT, ONAMES, HOSTNAME)
SQLNET.WALLET_OVERRIDE=TRUE
WALLET_LOCATION=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/mysupport/home/users/shiva/mydir)))
2. tnsnames.ora
#TNSNAMES to point to the wallet name - ORACLE2
ORACLE2 =
(DESCRIPTION =
(ADDRESS = (PROTO = TCP)(HOST = myhost)(PORT = 1526))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = ORACLE)
)
)
Create a wallet for external identification:
Step 1:Syntax: mkstore -wrl <wallet_location> -createCredential <tns alias> <user_name> <password>
Example:
mkstore -wrl /opt/oracle/mydir/wallet -createCredential ORACLE2 shivak password
[myos]/mysupport/home/users/shiva/mydir> mkstore -wrl /mysupport/home/users/shiva/mydir/test -create
Enter password: wallettest
Enter password again: wallettest
======================================
Step 2:
Syntax: mkstore -wrl <directory where the wallet needs to be created> -createCredential <tns_alias> <existing_user> <existing_passwd>
[myos]/mysupport/home/users/shiva/mydir> mkstore -wrl /mysupport/home/users/shiva/mydir/test -createCredential SHIVAV1023W shivak dbpw
Enter password: wallettest
Create credential oracle.security.client.connect_string1
======================================
Step 3: Check if WALLET is created
[myos]/mysupport/home/users/shiva/mydir> ls -l
total 36
-rw------- 1 mysupport udba 8316 Sep 30 13:27 cwallet.sso
-rw------- 1 mysupport udba 8288 Sep 30 13:27 ewallet.p12
-rw-r--r-- 1 mysupport udba 470 Sep 30 21:03 listener.ora
-rw-r--r-- 1 mysupport udba 318 Sep 30 13:16 sqlnet.ora
-rw-r--r-- 1 mysupport udba 196 Sep 30 20:57 tnsnames.ora
======================================
Step 4: Connection from SQLPLUS to test WALLET
[myos]/mysupport/home/users/shiva/mydir> sqlplus /@SHIVAV1023W
SQL*Plus: Release 10.2.0.1.0 - Production on Mon Sep 30 13:29:38 2013
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options
...
Reference / Read More:
1. Oracle Database Security Guide
10g Release 2 (10.2)
B14266-09
Chapter 9 Secure External Password Store
URL: http://docs.oracle.com/cd/B19306_01/network.102/b14266/cnctslsh.htm
2. Oracle Fusion Middleware Administrator's Guide
11g Release 1 (11.1.1)
Part Number E10105-13
Chapter 8 Managing Keystores, Wallets, and Certificates
URL: http://docs.oracle.com/cd/E23943_01/core.1111/e10105/wallets.htm#CIHIHGJG
3. Oracle Database Advanced Security Administrator's Guide
11g Release 2 (11.2)
E40393-02
Section F orapki Utility
URL: http://docs.oracle.com/cd/E11882_01/network.112/e10746/asoappf.htm
No comments:
Post a Comment