Re: Renewing an SSL certificate in Advanced Security

• From: "Jason Heinrich" <jheinrichdba@xxxxxxxxx>
• To: mkb <mkb125@xxxxxxxxx>
• Date: Fri, 14 Dec 2007 16:17:55 -0600

Yes, I have the initial certificate installed via orapki, and SSL works
beautifully.  It's obtaining a new certificate when the original expires
that I'm having trouble with.  I tried the process with OWM as you
suggested, and that seemed to work.  It seems that orapki was something of
an afterthought to Oracle.  It's too bad: I really wanted to script the
whole process, but this is the second activity I've run into that requires
OWM (the first was removing unused trusted certificates).  Unless, as Amir
suggested, I create a new wallet and replace the old one.

On 12/14/07, mkb <mkb125@xxxxxxxxx> wrote:
>
> I'm not sure I quite follow.  I assume you generated a certificate request
> (something like this perhaps? orapki wallet add -wallet wallet_location -dn
> user_dn -keySize 512|1024|2048)
>
> Then you exported the certificate request and got it signed from your CA,
> right?
>
> You should have gotten back a root certificate from your CA and a signed
> user certificate.  The root cert would have been imported into the wallet
> with something like this:
> orapki wallet add -wallet . -trusted_cert -cert cacert.pem
>
> The signed user certificate would have been imported into the wallet using
> something like this:
> orapki wallet add -wallet . -user_cert -cert newcert.pem
>
> If you want to create a new signed user certificate, you will need to
> create a user certificate request, export the request and then submit it to
> the CA and get it signed.  Once it is signed, you only need to import the
> user signed certificate and not the root chain (assuming you got it signed
> from the same CA).
>
> I think I had some problems with the orapki utility when trying to import
> certs but when I used the GUI it seemed to work fine.  You might try using
> the GUI first (owm) and see if that solves the problem.
>
> --
> mohammed
>
>
> You then created a certificate request
>
> ------------------------------
> Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it
> now.<http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ+>
>



-- 
Jason Heinrich

• References:
  • Re: Renewing an SSL certificate in Advanced Security
    • From: mkb

Other related posts:

• » Renewing an SSL certificate in Advanced Security
• » Re: Renewing an SSL certificate in Advanced Security
• » Re: Renewing an SSL certificate in Advanced Security
• » Re: Renewing an SSL certificate in Advanced Security
• » Re: Renewing an SSL certificate in Advanced Security
• » Re: Renewing an SSL certificate in Advanced Security
• » Re: Renewing an SSL certificate in Advanced Security

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page
• » View list details
• » Manage your subscription