Ask a Question

Advanced Search

Solution ID : SO14928

Last Modified : 06/04/2018

Install SSL Web Server Certificate in Oracle Wallet Manager

Problem

Install SSL Web Server certificate in Oracle
Install SSL Web Server certificate on Oracle Wallet Manager

Solution

To install a SSL Web Server Certificate on Oracle Wallet Manager, peform the following steps:
 
Step 1: Obtain the Thawte Root & SSL Web Server Intermediate CA certificate
 
  1. Download the Thawte Root CA certificate

    Note: Copy and save the Thawte Root CA contents into a text file. Be sure to use a text editor such as Notepad or Vi.
    For the Root CA, name the file rootca.cer
     
  2. Download the SSL Web Server Intermediate CA certificate

    Note: Copy and save the Intermediate CA contents into a text file. Be sure to use a text editor such as Notepad or Vi.
    For the Intermediate CA, name the file intermediate.cer
     
Step 2: Import the Thawte Root CA
 
Note: You must add all trusted certificates in the certificate chain of a user certificate before adding a user certificate, or the command to add the user certificate will fail.Also remember to save changes to the Wallet after importing the Trusted Root Certificate and before closing the Wallet. 
 
  1. Get a copy of root certificate, described in Step 1
     
  2. Launch Oracle Wallet Manager.
     
  3. Click Operations and select Import Trust Certificates from the menu
     
  4. When the Import Trusted Certificate window appears, click Paste the Certificate and click OK.
     
  5. When the message "Please provide a base64 format certificate and paste it below" appears, paste the entire contents of Thawte Root CA text into the box and click OK.
     
  6. A message should appear that the import was successful and you will see the Root Certificate at the bottom of the Trusted Certificates tree.
     
Step 3: Import the SSL Web Server Intermediate CA

Note:
You must add all trusted certificates in the certificate chain of a user certificate before adding a user certificate, or the command to add the user certificate will fail. Also remember to save changes to the Wallet after importing the Intermediate CA Certificate and before closing the Wallet.
 
  1. Get a copy of Intermediate CA, described in Step 1
     
  2. Launch the Oracle Wallet Manager.
     
  3. Click Operations > Import Trust Certificates from the menu.
     
  4. When the Import Trusted Certificate window appears, click Paste the Certificate and click OK.
     
  5. When the message "Please provide a base64 format certificate and paste it below" appears, paste the entire contents of the SSL Web Server Intermediate Certificate text into the box and click OK.
     
  6. A message should appear that the import was successful and you will see the Intermediate Certificate at the bottom of the Trusted Certificates tree.
     
Step 4: Import the SSL Web Server certificate
 
  1. After receiving the approval email sent from Thawte, download the attached cert.cer file or copy the embedded text in the approval message to a .txt file.

    Note: To download a copy of SSL Web Server certificate in X.509 format, refer to the steps in this solution
     
  2. Click Operations > Import User Certificate from the menu bar.
     
  3. The Import Certificate dialog appears.
     
  4. Select the Paste the Certificate radio button, and click OK.
     
  5. The Import Certificate dialog appears.
     
  6. Paste the entire contents of the SSL Web Server Certificate file and click OK.
     
  7. When this is completed a message at the bottom of the window confirms that the certificate was successfully installed. The Oracle Wallet Manager main window reappears, and the status of the corresponding entry in the left panel subtree changes to Ready.
     

Note: The actual certificate request becomes part of the wallet. Any certificate request can be reused to obtain a new certificate. However, an existing certificate request cannot be modified.
 

Step 5: Verify the certificate installation
 

If the above method does not work then create a new wallet in wallet manager, generate a new CSR and perform a certificate replacement.