Ask a Question

Managed PKI for SSL - Installation Instructions for Oracle Wallet Manager

Solution

INFO


This document provides installation instructions for Oracle Wallet Manager. If you are unable to use these instructions for your server, Symantec recommends that you contact Oracle.

Step 1.  Download the Root and Intermediate CA Certificates

         NOTE: Ensure that the appropriate Root and Intermediate CA certificates have been downloaded for you SSL product type.
         To check which certificate has been purchased, follow the steps from this link: SO22021

  1. Download the Root CA certificate for your SSL product under Managed PKI for SSL section from this link:  SO4785
  2. Download the Intermediate CA certificate from this link:
  3. Select the appropriate Intermediate CA certificate for your SSL Certificate type.
  4. Copy the certificate into a text file using Vi or Notepad.
    NOTE: Do not use Microsoft Word or other word processing programs that may add characters.
  5. Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added.
  6. Save the file as intermediate.txt


Step 2.  Import the Root and Intermediate Certificate

         NOTE: You must add all trusted certificates in the certificate chain of a user certificate before adding a user certificate, or the command
         to add the user certificate will fail.

  1. Open Oracle Wallet Manager
  2. Select Operations > Import Trusted Certificate
  3. Import the Root CA certificate
  4. Select Paste the Certificate
  5. Click OK
  6. Paste the certificate into the text box
  7. Click OK
  8. A message at the bottom of the window confirms that the trusted certificate was successfully installed.
  9. Save changes to the Wallet after importing the Trusted Root Certificate and before closing the Wallet.
  10. Repeat these steps to install the Intermediate CA certificate.
     

Step 3. Obtain the SSL Certificate

  1. Once your Managed PKI for SSL administrator has approved your Certificate request, you will receive an email with
    the Certificate attached (cert.cer), as well as in the body of the email itself.
  2. Copy the certificate, imbedded in the body of the email and paste it into a text file using Vi or Notepad.
    NOTE: Do not use Microsoft Word or other word processing programs that may add characters.
    Confirm that there are no extra lines or spaces in the file.

    The text file should look like:

    -----BEGIN CERTIFICATE-----

              [encoded data]

    -----END CERTIFICATE-----

    NOTE: To download the certificate from your Managed PKI for SSL subscriber services page, see solution SO6621
    Please select X.509 as a certificate format and copy only the End Entity Certificate.
     
  3. Save the certificate as public.txt


Step 4.  Import the Certificate

  1. From the Operations menu, click Import User Certificate. The Import Certificate dialog box appears.
  2. Click Paste the certificate, and then click OK.
  3. Another Import Certificate dialog box appears with the following message:
    "Please provide a base64 format certificate and paste it below. Paste the certificate into the dialog box, and choose OK."
  4. Click OK.
  5. When this is completed a message at the bottom of the window confirms that the certificate was successfully installed.
  6. The Oracle Wallet Manager main window reappears, and the status of the corresponding entry in the left panel subtree changes to Ready.

    NOTE:During the certificate installation you might receive following error: 
    "User certificate import has failed because the CA certificate does not exist".

    To resolve the issue, follow the steps from this link: SO5535
     
  7. Verify your installation with the Symantec Installation Checker


Oracle

          For more information refer to Oracle Support