diary @ telent

Some notes about importing existing SSL certificates into Oracle#

Fri Aug 8 13:06:14 2025

date: Tue, 3 Sep 2002 17:8:7 +0000

Some notes about importing existing SSL certificates into Oracle Wallet Manager:

So in our particular case,
  1. Download the Thawte CA cert from http://www.thawte.com/serverbasic.crt
  2. Convert to PEM: openssl x509 inform der in ~/serverbasic.crt outform pem out thawte.crt.pem
  3. Make a wallet: openssl pkcs12 noiter nodes export certfile ~/serverbasic.crt inkey ../ssl.key/www.foo.com.key in ../ssl.crt/www.foo.com.crt name 'friendly name' nodes noiter out /tmp/e1/ewallet.p12

Most of the time spent finding this out was actually in translating the "incorrect password" error message into "I can't load this wallet because it doesn't include the CA cert". Obvious in retrospect. Sure