1)Significance of file present in the wallet directory:-
In Oracle Application Server10g, Oracle Wallets are created with:
Oracle Wallet Manager GUI (OWM)
ORAPKI command line tool
With these tools you can create a PKCS12 compliant wallet that can be used with the C based system components for example, Oracle HTTP Server, Oracle WebCache, Oracle Internet Directory, and OPMN.
When creating a Wallet you specify a Password. This password is required for *every* Wallet based operation i.e Open Wallet, Import Certificates, Export Certificates etc.
You can also specify the "Auto-Login" option via a checkbox in OWM, or by specifying "-ssowallet yes" via orapki, This functionality allows C based components to access the Wallet on startup, without specifying the Wallet password in the component configuration.
When creating a Wallet, a file called "ewallet.p12" is generated.
When specifying Auto-Login, an additional file called "cwallet.sso" is generated.
2)The information on certificate has value and start and end date could be viewed from browser by moving the cursor to the site where you get "view more information"
In view more information go to Connection and select "Certificate Information" where in the general tab it could be observed the start and end dates would be mentioned.
You say that I need OWM to renew certificate however it seems that I can do it orapki as well.
orapki wallet add -wallet wallet_location -dn user_dn -keySize 512|1024|2048
Can you please validate if that is right ?
I am unable to open the wallet in OWM. I do not know the password for that. As password in our utility does not match. I did google and it seems there is no straight forward way to do reverse engineering for password. If the certificate is geting expired can I just import the renewed certificate in OWM or I have to agin go through cycle of CSR etc ?
Disappointed to see that there is no utility to get password for the wallet.
As the password has been mismatched or forgotten you need to get ta new certificate so you need to go through cycle of CSR as Wallet cannot be opened in OWM in-order to import the new certificate.
Due to security reasons Oracle does not provide any utilities to encrypt the password.
Thank God, I got that password ! Holy Moly
When I open Wallet I see three rows.
Direct Underneath wallet there is a entry of *certificate(ready)* it has an expiry and which I want to renew(2014)
Direct Underneath wallet there is another second row of "Trusted Certificates"
Just underneath this one(Trusted Certificates) I see two rows
<name of our company> Issuing CA 1 this has an expiry of 2016
<name of our company> Root CA this has an expiry of 2017
What is exactly these two row which indicate 2016 and 2017 expiry ? so are there three certificates ? but If I run orapki command it only shows one certificate. Can you shed some light here .
Thanks in advance.