2026-03-12 21:01:38

2026-03-12 22:01:38 +01:00
parent 3bd1db26cc
commit 26296b6d6a
336 changed files with 27507 additions and 0 deletions
--- a/tmp/openssl_orapki_01.txt
+++ b/tmp/openssl_orapki_01.txt
@@ -0,0 +1,51 @@
+# How to Create a New Wallet from an Existing Private Key and Certificates using OpenSSL and orapki (Doc ID 2769138.1)
+openssl pkcs12 -export \
+	-in /app/oracle/staging_area/TLS_poc/openssl_files/togoria.swgalaxy.crt \
+	-inkey /app/oracle/staging_area/TLS_poc/openssl_files/togoria.swgalaxy.key \
+	-certfile /app/oracle/staging_area/TLS_poc/openssl_files/rootCA.pem \
+	-out /app/oracle/staging_area/TLS_poc/openssl_files/togoria.swgalaxy.p12
+
+# create an empty wallet
+orapki wallet create -wallet /app/oracle/staging_area/TLS_poc/wallet -pwd "Secret00!" -auto_login_local
+
+# we can import directly both user / trusted certificate from .p12 file
+orapki wallet import_pkcs12 -wallet /app/oracle/staging_area/TLS_poc/wallet -pwd "Secret00!" \
+	-pkcs12file /app/oracle/staging_area/TLS_poc/openssl_files/togoria.swgalaxy.p12
+
+# or we can add separately trusted certificate and user certificate 
+orapki wallet add -wallet /app/oracle/staging_area/TLS_poc/wallet -pwd "Secret00!" \
+	-trusted_cert -cert /app/oracle/staging_area/TLS_poc/openssl_files/rootCA.pem
+
+-> THIS fails
+orapki wallet add -wallet /app/oracle/staging_area/TLS_poc/wallet -pwd "Secret00!" \
+	-user_cert -cert /app/oracle/staging_area/TLS_poc/openssl_files/togoria.swgalaxy.crt
+
+orapki wallet import_private_key -wallet /oracle/wallet/location -pwd oracle_wallet_password -pvtkeyfile /tmp/encrypted.key -pvtkeypwd long_key_encryption_password -cert /etc/pki/tls/private/servername.crt
+
+# How to Remove Trusted Certificate From Oracle Wallet (Doc ID 2257925.1)
+orapki wallet remove -trusted_cert_all -wallet /app/oracle/staging_area/TLS_poc/wallet -pwd "Secret00!" 
+
+# display wallet contents
+orapki wallet display -wallet /app/oracle/staging_area/TLS_poc/wallet -pwd "Secret00!"
+
+
+export TNS_ADMIN=/app/oracle/staging_area/TLS_poc/tnsadmin
+
+
+# client side
+orapki wallet add -wallet /app/oracle/staging_area/TLS_poc/wallet -pwd "Secret00!" \
+	-user_cert -cert /app/oracle/staging_area/TLS_poc/openssl_files/wayland.swgalaxy.fullchain.crt
+
+
+
+# listener registration
+alter system set local_listener="(DESCRIPTION_LIST =
+	(DESCRIPTION =
+		(ADDRESS = (PROTOCOL = TCPS)(HOST = togoria.swgalaxy)(PORT = 24000))
+		(ADDRESS = (PROTOCOL = TCP)(HOST = togoria.swgalaxy)(PORT = 1521))
+	)
+)" 
+scope=both sid='*';
+
+alter system register;
+