How to set up the Oracle Wallets in Oracle Database 19C

 

The Oracle Wallet is a container or repository that stores authentication and credentials such as certificates, certificate requests, and private keys., By using this we can connect to database without providing the schema name & password, Password will be connected by using the TNS ALIES name & hence the schema are encrypted & stored in the oracle wallets.

Let us configure the schema password by using the wallets.

Create a directory to store the wallets.


Create a directory to store the password

$ mkdir -p /u01/app/wallets

Create a wallet & provide the wallet password.

$ mkstore -wrl /u01/app/wallets/ -create

Enter password: *********
Enter password again: ********

$ ll
total 8
-rw-------. 1 oracle oinstall 194 Nov 1 14:38 cwallet.sso
-rw-------. 1 oracle oinstall 0 Nov 1 14:38 cwallet.sso.lck
-rw-------. 1 oracle oinstall 149 Nov 1 14:38 ewallet.p12
-rw-------. 1 oracle oinstall 0 Nov 1 14:38 ewallet.p12.lck

Check the status of listener

$lsnrctl status listener_name;

Configure SQLNET.ORA file with WALLET_OVERRIDE & WALLET_LOCATION Parameters.

Note:   WALLET_LOCATION is where the wallets are created & stored
WALLET_OVERRIDE will override the DB schema credentials & stored in the wallet


$ cd $ORACLE_HOME/network/admin

$ vi sqlnet.ora

####WALLET_OVERRIDE PARAMETER CONFIG########

SQLNET.WALLET_OVERRIDE=TRUE
SSL_CLIENT_AUTHENTICATION=FALSE
SSL_VERSION=0

####WALLET_LOCATION PARAMETER CONFIG########

WALLET_LOCATION=
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY= /u01/app/wallets)
)
)

Connect to database & create a user to perform the wallet configuration.
$ sqlplus / as sysdba
Create a user
SQL> create user wallets identified by wallets quota unlimited on users;
User created.
Grant connect, resource privilege to user.
SQL> grant connect, resource to wallets;
Grant succeeded.
Set the schema password by using the above created wallet.

$ mkstore -wrl /u01/app/wallets/ -createCredential ora19c wallets

Your secret/Password is missing in the command line
Enter your secret/Password: 
Re-enter your secret/Password:
Enter wallet password:

SECRET PASSWORD is your above created schema password : In my case schema password is “wallets”
WALLET PASSWORD is your above created wallet password : In my case wallet password is “******”
Finally lets connect to the schema with the given TNS ALIES as sqlplus /@TNS_ALIES.

$ sqlplus /@ora19c


SQL> show user
USER is "WALLETS"

We don’t provide the username & password, Therefore this will connect directory to the schema “wallets”

Comments

Post a Comment

Popular posts from this blog

How to fix Oracle SQL Developer connection issue "Got minus one from a read call"

Image
 During connection from SQL Developer to EBS database got below error message: Status : Failure - Test failed: IO Error: Got minus one from a read call Following solution can be done : 1. Go to directory $ORACLE_HOME / network / admin 2. Modify sqlnet.ora file with following parameter : tcp.validnode_checking = no 3. If you don 't want to disable this, you can put the machine names as follows: tcp.invited_nodes=(machine1, machine2) 3. Bounce the listener. Due to security enhancements it is not good to put tcp.validnode_checking = no or comment out will through error when we start listener like below: Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=shsebs7idb1.appsolworld.com)(PORT=1522))) TNS-00584: Valid node checking configuration error TNS-12560: TNS:protocol adapter error Better plan is to add localhost or IP address of client (Local Computer) in the sqlnet.ora file That will solve the problem NAMES.DIRECTORY_PATH=(TNSNAMES, ONAMES, HOSTNAME) SQLNET.EXPI
Read more

Few Important steps of Oracle Database Clone

 Make Sure oraInst.loc location is correct and accessble. [demantra@dsiddem ~]$ cat /etc/oraInst.loc inventory_loc=/orastage/oraInventory inst_group=dba [demantra@dsiddem ~]$ cd /orastage/oraInventory [demantra@dsiddem oraInventory]$ ls -ltr total 16 drwxrwx---. 5 demantra dba 4096 Jul 22 19:37 backup drwxrwx---. 2 demantra dba 4096 Jul 22 19:37 ContentsXML drwxrwx---. 2 demantra dba 4096 Jul 22 19:37 locks drwxrwx---. 3 demantra dba 4096 Jul 23 10:08 logs Remove Oracle Home from Inventory [demantra@dsiddem oraInventory]$ cd $ORACLE_HOME/oui/bin [demantra@dsiddem bin]$ ./runInstaller -detachHome ORACLE_HOME=$ORACLE_HOME Starting Oracle Universal Installer... Checking swap space: must be greater than 500 MB.   Actual 3039 MB    Passed The inventory pointer is located at /etc/oraInst.loc Run Clone.pl [demantra@dsiddem bin]$ echo $ORACLE_HOME /dnbsid/demantra/oracle/19.0.0 [demantra@dsiddem bin]$ echo $ORACLE_BASE /dnbsid/demantra [demantra@dsiddem bin]$ E01=ORACLE_HOME=$ORACLE_HOME [dema
Read more

How to autopopulate user_guid in fnd_user table ( EBS Blank Page)

  Issue:  EBS Local Login url is working fine. When accessing sso url, users are getting error as below appended to the url. And login page will be blank. One of the reason could be : OAM Authentication is fine but during authorization process, OAM is unable to map guid from oid to user_guid in fnd_user. This can be due to user_guid being null in fnd_user table. As per the process, when user logins for the first time, user_guid need to be populated automatically (from oid) Query guid from oid and update fnd_user table with that. ldapsearch -h oidhost.appsolworld.com -p 3060 -D "cn=orcladmin" -w orcladmpwd -b "cn=Users,dc=dc,dc=online,dc=org" -s sub "(uid=$1)" orclsamaccountname krbprincipalname mail orcluserprincipalname orclguid Pass userid to this command which gives guid along with other details. Update fnd_user table with above guid : update fnd_user  set user_guid=' ' where user_name like ' '; Solution:  As per the process,  when user
Read more