Importing certificate to OAS .p12 wallet file

Similar Messages

• Wallet file question

  Hi all
  Oracle 10.2.0.5 wallet
  We are using wallet file and in that "Certificate(Ready) expires at Sep 2012. I could also find the trusted certificates added which expires at Oct 2030. Is this means I have the certificates till 2030 or I need to get a certificate from the provider and import them again. What does "Certificate(Read) means?
  thanks for you assistance.

  Hello Alan,
  I guess with 10.1.2.0.2 Oracle AS B2B , we do not have this constraint. B2B reads directly from the p12 wallet file. Let me know.
  Rgds,Ramesh

• How to import a password protected p12 certificate to keystore?

  Hi all,
  I am new in java security programming.
  And I got something very urgent need your help..
  How to import a password protected p12 certificate to keystore programmatically?
  Does anyone have sample codes on this issue?
  thanks very much
  Wyan

  Hi omslion,
  I responded to a similar post from you (and moved it to the Acrobat forums). Password protecting a file requires Adobe Acrobat. You are welcome to download a free 30-day trial of Acrobat. For more information, see www.adobe.com/products/acrobat.html.
  Best,
  Sara

• Importing Certificate in Oracle Wallet Manager fails

  Hi,
  We are using Oracle Application Server 10g Release 2. When I try to import a certificate issued by a certificate authority, (using Operations > Import User Certificate), the wallet returns the following error:
  User certificate installation failed.
  Possible errors:
  - Input was not a valid certificate
  - No matching certificate request was found
  - CA certificate needed for certificate chain not found. Please install it first
  The certificate is obtained after raising a Certificate Request from the wallet manager.But I am not sure whether we have saved the wallet after raising the certificate request.
  Now I have the certificate issued by the CA. Is there any way that I can import this certificate.? what is the possible solution?
  Thanks & Regards,
  Rafeek.

  Did you import CA certificate as a trusted certificate before importing the user certificate. If not, import CA cert first. To make sure you have saved the certificate request, please open the wallet and see if it exists. Hope this helps.
  Rgds,Ramesh

• OTC ssl.conf file does not have ssl wallet file location details

  Hi B2B Gurus,
  While doing the HTTPS configuration in OTC we observed that some of lines were missing in ssl.conf file located at <Oracle_Home>\Apache\Apache\conf. The below mentioned lines are missing in OTC’s ssl.conf but present in OracleB2B’s ssl.conf
  Even ssl wallet file location is also missing in OTC ssl.conf file as mentioned below.
  Can u please let us know as why these lines are missing or should we manually add these lines when we do HTTPS on OTC ?
  Listen 4444
  <VirtualHost default:4444>
  # General setup for the virtual host
  DocumentRoot "E:\Oracle_b2b\cachehome\Apache\Apache\htdocs"
  ServerName DSCP17506.TechMahindra.com
  ServerAdmin [email protected]
  ErrorLog "|E:\Oracle_b2b\cachehome\Apache\Apache\bin\rotatelogs logs/error_log 43200"
  TransferLog "|E:\Oracle_b2b\cachehome\Apache\Apache\bin\rotatelogs logs/access_log 43200"
  Port 443
  # SSL Engine Switch:
  # Enable/Disable SSL for this virtual host.
  SSLEngine on
  # SSL Cipher Suite:
  # List the ciphers that the client is permitted to negotiate.
  SSLCipherSuite ALL:!ADH:!EXPORT56:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
  # Server Wallet:
  # The server wallet contains the server's certificate, private key
  # and trusted certificates. Set SSLWallet at the wallet directory
  # using the syntax: file:<path-to-wallet-directory>
  SSLWallet file:E:\Oracle_b2b\cachehome\Apache\Apache\conf\ssl.wlt\default
  # Certificate Revocation Lists (CRL):
  # Set the CA revocation path where to find CA CRLs for client
  # authentication or alternatively one huge file containing all
  # of them (file must be PEM encoded)
  # Note: Inside SSLCARevocationPath you need hash symlinks
  # to point to the certificate files. Use the provided
  # Makefile to update the hash symlinks after changes.
  #SSLCARevocationPath conf\ssl.crl
  #SSLCARevocationFile conf\ssl.crl\ca-bundle.crl
  # Client Authentication (Type):
  # Client certificate verification type and depth. Types are
  # none, optional and require
  #SSLVerifyClient require
  # Access Control:
  # With SSLRequire you can do per-directory access control based
  # on arbitrary complex boolean expressions containing server
  # variable checks and other lookup directives. The syntax is a
  # mixture between C and Perl. See the mod_ssl documentation
  # for more details.
  #<Location />
  #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
  # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
  # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
  # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
  # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
  # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
  #</Location>
  # SSL Engine Options:
  # Set various options for the SSL engine.
  # o FakeBasicAuth:
  # Translate the client X.509 into a Basic Authorisation. This means that
  # the standard Auth/DBMAuth methods can be used for access control. The
  # user name is the `one line' version of the client's X.509 certificate.
  # Note that no password is obtained from the user. Every entry in the user
  # file needs this password: `xxj31ZMTZzkVA'.
  # o ExportCertData:
  # This exports two additional environment variables: SSL_CLIENT_CERT and
  # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
  # server (always existing) and the client (only existing when client
  # authentication is used). This can be used to import the certificates
  # into CGI scripts.
  # o StdEnvVars:
  # This exports the standard SSL/TLS related `SSL_*' environment variables.
  # Per default this exportation is switched off for performance reasons,
  # because the extraction step is an expensive operation and is usually
  # useless for serving static content. So one usually enables the
  # exportation for CGI and SSI requests only.
  # o CompatEnvVars:
  # This exports obsolete environment variables for backward compatibility
  # to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this
  # to provide compatibility to existing CGI scripts.
  # o StrictRequire:
  # This denies access when "SSLRequireSSL" or "SSLRequire" applied even
  # under a "Satisfy any" situation, i.e. when it applies access is denied
  # and no other module can change it.
  # o OptRenegotiate:
  # This enables optimized SSL connection renegotiation handling when SSL
  # directives are used in per-directory context.
  #SSLOptions FakeBasicAuth ExportCertData CompatEnvVars StrictRequire
  <Files ~ "\.(cgi|shtml)$">
  SSLOptions +StdEnvVars
  </Files>
  <Directory "E:\Oracle_b2b\cachehome\Apache\Apache\cgi-bin">
  SSLOptions +StdEnvVars
  </Directory>
  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
  # Per-Server Logging:
  # The home of a custom SSL log file. Use this when you want a
  # compact non-error SSL logfile on a virtual host basis.
  CustomLog E:\Oracle_b2b\cachehome\Apache\Apache\logs\ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
  </VirtualHost>
  Thanks for your help in Advance.
  Regards,
  Priyanka

  Hi Ramesh,
  We added the missing entries in ssl.conf file and tested it out. It is working fine. When we did slient install we are facing this error, we found that this is a bug in 10.1.2.3 AS patch (5983622) silent install. Raised an SR on this and Support is working to get this fixed.
  Regards,
  Priyanka

• Import certificate from trading partner

  Hi
  I got a certificate from my trading partner. (Communication is AS2)
  Now I have to import it to my B2B and use it while communicating with him
  Can someone tell me how to import this so that I can select the certificate in the Security tab?
  Thanks
  Vijay Sai.S

  Hi,
  In Case of 10g using oracle wallet manager import trusted trading partner certificate.
  In case of AS11G use the below command to import the trading partner certificate into jks,
  keytool -importcert -file -keypass
  Please also look into the below link for more details,
  http://blogs.oracle.com/oracleb2bgurus/2009/08/certificate_management_in_11g.html
  Regards
  Nandagopal

• Importing Certificates into Blackberry Z10 Key Store.

  Currently, on the development network, we have stood up a BES10 server with a few Blackberry Z10 phones deployed. Using BES10, we are able to push the Root CA certificate for our developmental CA. We are currently unable to import the client's certificates (identity, encryption or signing) in *.p12 or *pfx format onto the device. We have tried numerous methods with limited success. Originally, we emailed a certificate using the work email exchange server and were able to view the certificates on the BB device. We are even able to select "Import certificate," submit the correct password and are presented with a messages stating "Certificate successfully imported." However, looking at the trust store or the S/MIMIE settings, none of the client's certificates are avaliable. 
  After some research, we followed the steps highlighted in tech support listed at http://docs.blackberry.com/en/smartphone_users/deliverables/47561/als1342708099072.jsp. After following the instructions on screen, selecting the appropriate certificates to import and presenting the correct PIN, the device attemps to import the certs. The device then states "0/3 certificates succesfully imported" and the process has failed.
  Is there a log file avaliable to see what is causing the import to fail or is there an additional step we are missing? Any support would be helpful, thank you in advance. 

  Hey Shah_jeet,
  Welcome to the BlackBerry® Support Community Forums.
  Are you importing the certificate using a USB connection or using a Wi-Fi connection?
  Thanks.
  -HB
  Come follow your BlackBerry Technical Team on twitter! @BlackBerryHelp
  Be sure to click Kudos! for those who have helped you.Click Solution? for posts that have solved your issue(s)!

• STRUST Import Certificate to ABAP engine.

  Hi All,
  I'm importing Certificate into ABAP for first time.
  Can you please tell me the steps to do that.
  T-code: STRUST
  SSL Client Ananymos
  On the right panel click on Import and then browse the certificate?
  I did browsed the zip file which contains 6 certificates and now I'm getting this error
  "Cannot analyze certificat" after selection in "Import"
  Can you please tell me the steps to completed the import of certificates into ABAP engine. so that I can use it in SM59 HTTP destination type G.
  Is there any blog for that ?
  Thanks
  Newi

  Hi,
  Go through below links these might help you.
  http://help.sap.com/saphelp_nw70ehp1/helpdata/en/a6/f19a3dc0d82453e10000000a114084/content.htm
  http://help.sap.com/saphelp_nw70ehp1/helpdata/en/14/29236de1864c6e8d46e77192adaa95/content.htm

• Create a Distribution Certificate as a p.12 file in Keychain Access not working?

  I need to create a Distribution Certificate as a p.12 file. I downloaded my ios_distribution.cer file from iOS Provisioning Portal/Certificates/Distribution/Download but this file will not install on my Keychain Access Certificates. Once installed I need to export as .p12. Why can't I install this .cer file to my keychain access? Thanks

  Hi EDUR142, did you find a way round this? If so, please let me know.
  I currently can see that these certificates are there in Keychain Access under System'Certificates'.
  However in System'Keys' the relevant keys are not there. And in Login'Keys' there are 4 keys that might be the correct ones: 2 public keys, 2 private keys. BUT they do not have an arrow on the left so I cannot see if the correct certificate is associated with them (as it described in the Adobe step by step guide to DPS pg19).
  If this is simliar to your issue last year, and you found a solution, pls reply. Thank you.

• Import certificate to E51

  Hi,
  I'm having a problem when trying to import certificates to my Nokia E51. When i downloaded the file from the web, my phone keep saying “File Corrupted”.
  I have tried using other web solution and also uploading files to my own web server and setting the MIME types. Both ways i get the same result.
  Anyone have any idea why its say corrupt?
  Thanks
  Billy

  Hello,
  It depends which type of certificat you would like to import.
  Anyway crypto ca import command is a good start.
  You can find 2 examples of certificates import here:
  http://www.fcug.fr/cisco-asa-importer-un-certificat-pkcs12 and http://www.fcug.fr/migrer-un-certificat-ssl-de-vpn3000-vers-asa
  Thanks

• E-Sourcing importing Certificate to the Keystore

  Hi gurus
  We are currently stuck while we try to implement LDAP integration. We are trying to import the secure SSL certificate into the keystore under java home on our server and it is not recognising the imported certificate.
  Syntax we are using is:
  C:\j2sdk1.4.2_14\jre\bin>keytool -import -trustcacerts -alias us01.apmn.org -file D:\eso\keystore\agi76_ssl_response.crt -keystore C:\j2sdk1.4.2_14\jre\lib\security\cacerts
  It says successfully imported. However we are not able to Synchronize our Microsoft AD on 636 port.
  Our certificates are issued by a Certificate Server not an AD Domain controller. Does this matter?
  PLEASE HELP
  Thanks
  JS
  Edited by: JS on Jul 30, 2009 9:34 PM
  Edited by: JS on Jul 30, 2009 9:35 PM

  I finally succeeded in importing an image with a file location. The problem is the DataLocationID you had to provide. This is a GroupNode and it´s a hierarchical structure. You had to split the filename into the path components and create nodes in the tree for every component.

• Can't save master password nor import certificates

  Hi,
  I have a problem trying to sign a document with a certificate. I had imported it when I was using Firefox 3.6 and it used to work ok to identify myself to log in to some site. However, I never tried to sign a document with that certificate. (I work with a Mac, in case that is relevant.)
  I recently uploaded to Firefox 4, and now I try to sign a document. Ok, so Firefox asks me for my master password. I had not set one (or I can't remember), so what I did is to "reset" the master password. Now, I try to set a new master password: I fill in the fields, click "Accept"... but it doesn't do anything, so the master password can't be set.
  Also, if I try to import a certificate (which was removed when I reset the master password), I can choose the file and choose a password for it, but again when I click "Accept" the password is not set: simply nothing happens.
  Has anyone else had these problems? Is it a Firefox4 issue or did it also happen before? How can I solve it?
  Thanks in advance!
  jordimp

  Hi, I had the same problem, and I read somewhere that according to a mozilla knowledgebase article, the master password is a requirement for importing certificates (although the corresponding KB page is now unavailable)
  I tried the following and it worked for me:
  - export the certificates to the desktop
  - delete the certificates from firefox
  - set a master password on firefox (preferences - security - use master password)
  - import the backed up certificates
  You should now be able to sign.
  Hope this helps

• Importing Certificates for all users on a machine

  How do I import certificates for all users on a machine in Windows/OSX.
  Since firefox does not use the system store and uses its own, we have been able to use a utility called certutil to add certificate to a user's firefox db on Linux. So if the user logs into any Linux system on our network he will have those certs in his trusted root cert authority for firefox. Unfortunately this does not carry over to firefox on osx as I am not sure why since it should carry over if the user's home is network. Then we have Windows users who basically have local accounts and we are looking for some solution to have it set up for all users without having to manually import for each user. Any ideas would be much appreciated.
  Thanks

  See CCK Wizard: https://addons.mozilla.org/firefox/addon/cck/
  You can use a mozilla.cfg file in the Firefox program folder to lock prefs or specify new (default) values.
  Place a file local-settings.js in the defaults\pref folder where you also find the file channel-prefs.js to specify using mozilla.cfg.
  pref("general.config.filename", "mozilla.cfg");
  pref("general.config.obscure_value", 0); // use this to disable the byte-shift
  See:
  *http://kb.mozillazine.org/Locking_preferences
  These functions can be used in the mozilla.cfg file:
  defaultPref(); // set new default value
  pref(); // set pref, but allow changes in current session
  lockPref(); // lock pref, disallow changes

• Importing Certificates

  I wanted to create certificates programmatically. One tutorial showed me that I can execute a command within my program, such as:
  String [] arstringCommand = new String []
  System.getProperty("java.home") + File.separator + "bin" + File.separator + "keytool",
  "-genkey",
  "-keyalg", "RSA",
  "-keysize", "1024",
  "-dname", "CN=" + ip,
  "-keystore", stringKeyStore,
  "-keypass", stringPassword,
  "-storetype", "JKS",
  "-storepass", stringPassword
  Process process = Runtime.getRuntime().exec(arstringCommand);
  process.waitFor();
  I tried to use the same technique for importing certificates, I wrote the following code:
  String [] exportCommand = new String []
       System.getProperty("java.home") + File.separator + "bin" + File.separator + "keytool",
       "-import",
       "-v",
       "-alias", stringIdentity,
       "-file", directory+"qmqasim.cer",
       "-keystore", directory+"TrustManager",
       "-storepass", stringPassword     
       System.out.println("importing sjjjjjj ");
       Process process1 = Runtime.getRuntime().exec(exportCommand);
       System.out.println("importing sjjjjjj ");
       //process1.waitFor();
  But it did not create the TrustStore.
  After some time, I printed out the error messages for the process:
  InputStream inputstream5 = process1.getErrorStream();
       IOUtils.copy(inputstream5, System.out);
  And found out that when I tried to import the certificate, an error was thrown. The error message is very interesting. it said:
  'Trust this certificate [no]:'
  I know when we import certificates, we are asked it we want to trust the certificates. But why get this as error message.
  So my question are:
  Is there any way I can import programmatically,
  OR
  how can i get rid of this error message and use some sort of PrintStream to enter "yes"
  regards

  you can use sun.security.tools.KeyTool class :
  String lParam [] = {"-import",
                                "-alias",myAlias,
                                "-file",myFile,
                                "-keystore",myKeyStore,
                                "-storepass",myPass,
                                "-noprompt"};
       sun.security.tools.KeyTool.main(lParam);

• I'm a new Mac user. I imported photos from my PC they ended up in iphoto library on the hard drive, but when I open iphoto from my dock its empty. How do I import those photos to the dock file?

  I'm a new Mac user. I imported photos from my PC through a jump drive and they ended up in my iphoto library on the hard drive but when I open iphoto from the dock its empty. How do I import those photos to the dock file from the iphoto library?

  Paragon Software has the most reliable NTFS driver for Mac
  tips on importing and organizing, transferring from Windows etc
  http://www.apple.com/support/itunes
  http://www.ilounge.com