you are a new oracle dba and you want to renew an expired wallet in an wallet manager.
| How To Replace An Expired Or Expiring Certificate in Wallet Manager [ID 303299.1] | |||
|
|
|||
| Modified 06-JUL-2009 Type HOWTO Status PUBLISHED | |||
In this Document
Goal
Solution
References
Applies to:
Oracle Security Service – Version: 9.0.1.4 to 10.1.0.5
Oracle Application Server 10g Enterprise Edition – Version: 9.0.2.0.1 to 10.1.3.4.0
Oracle HTTP Server – Version: 9.0.2.0.1 to 10.1.3.4.0
Information in this document applies to any platform.
“Checked for relevance – 12-MAY-2009”
Goal
How to replace an expired/expiring certificate in Oracle Wallet Manager?
Solution
1. Obtain a new Certificate from the Certificate Authority based on the original Certificate Request.
(How you do this depends on the Certificate Authority. Normally you just ask the Certificate Authority to renew the existing certificate. Sometimes they ask you to resubmit the original certificate request. If they ask this then to get the original request in Wallet Manager , Open the Wallet and select Operations -> Export Certificate Request.)
2. Make a copy of the existing wallet i.e backup the ewallet.p12 file
3. Open the existing Wallet with Wallet Manager
4. Select “Certificate: Ready”
5. Select “Operations” -> “Export User Certificate” and save to a file i.e oldcert.crt
6. Select “Operations” -> “Remove User Certificate”. At this point the Certificate should say
“Certificate: Requested”
7. Select “Operations” -> “Import User Certificate”. Select the new certificate file issued by the
Certificate Authority
8. The Certificate should now say “Certificate Ready”
9. Save the wallet.
10. Restart the component that uses the Wallet i.e Webcache, HTTP Server, or Database, as the Wallet is stored in memory and will not be re-read until the component is restarted
Note: For 9.0.2./9.0.3 be aware of a problem where after Step 7 above, that the old certificate may be visible in the Wallet instead of the new one. To get round this follow the steps below:
1. Revert to the Wallet backup
2. Open the Wallet
3. Export the old certficate to a file:
“Operations” -> “Export User Certificate” eg. old.crt
4. Import the new certificate:
“Operations -> “Import User Certificate”
5. At this point the old certificate will appear
6. “Select Operations” -> “Remove User Certificate”
7. “Select Operations” -> “Import User Certificate” and select the old certificate e.g old.crt
8. At this point the new certificate appears
9. Save the Wallet and Exit.
