diary at Telent Netowrks

Some notes about importing existing SSL certificates into Oracle#

Tue, 03 Sep 2002 17:08:07 +0000

Some notes about importing existing SSL certificates into Oracle Wallet Manager:

So in our particular case,
  1. Download the Thawte CA cert from http://www.thawte.com/serverbasic.crt
  2. Convert to PEM: openssl x509 -inform der -in ~/serverbasic.crt -outform pem -out thawte.crt.pem
  3. Make a wallet: openssl pkcs12 -noiter -nodes -export -certfile ~/serverbasic.crt -inkey ../ssl.key/www.foo.com.key -in ../ssl.crt/www.foo.com.crt -name 'friendly name' -nodes -noiter -out /tmp/e1/ewallet.p12

Most of the time spent finding this out was actually in translating the "incorrect password" error message into "I can't load this wallet because it doesn't include the CA cert". Obvious in retrospect. Sure