When the Certificate Authority grants you a certificate, it may send you an e-mail that has your certificate in text (BASE64) form or attached as a binary file. You can import the user certificate using the following methods:
Note:
Certificate authorities may send your certificate in a PKCS #7 certificate chain or as an individual X.509 certificate. Oracle Wallet Manager can import both types.
PKCS #7 certificate chains are a collection of certificates, including the user's certificate and all of the supporting trusted CA and subCA certificates.
In contrast, an X.509 certificate file contains an individual certificate without the supporting certificate chain.
However, before you can import any such individual certificate, the signer's certificate must be a Trusted Certificate in the wallet.
Copy the certificate, represented as text (BASE64), from the e-mail message. Include the lines Begin Certificate and End Certificate.
Start Oracle Wallet Manager.
(UNIX) At the command line, enter the following command:
owm
(Windows) Select Start, Programs, Oracle-HOME_NAME, Integrated Management Tools, Wallet Manager
If the wallet is closed, then open it by selecting Open from the Wallet menu. When prompted, select the wallet directory location, and then enter your wallet password.
Select Operations, Import User Certificate.
The Import Certificate dialog box is displayed.
Select Paste the certificate, and then click OK.
Another Import Certificate dialog box is displayed with the following message:
Please provide a base64 format certificate and paste it below.
Paste the certificate into the dialog box, and click OK.
If the certificate received is in PKCS#7 format, it is installed, and all the other certificates included with the PKCS#7 data are placed in the Trusted Certificate list.
If the certificate received is not in PKCS#7 format, and the certificate of its CA is not already in the Trusted Certificates list, then more must be done. Oracle Wallet Manager will ask you to import the certificate of the CA that issued your certificate. This CA certificate will be placed in the Trusted Certificates list. (If the CA certificate was already in the Trusted Certificates list, your certificate is imported without additional steps.)
After either (a) or (b) succeeds, a message at the bottom of the window confirms that the certificate was successfully installed. You are returned to the Oracle Wallet Manager main panel, and the status of the corresponding entry in the left panel subtree changes to [Ready].
Note:
The standard X.509 certificate includes the following start and end text:
-----BEGIN CERTIFICATE----- -----END CERTIFICATE-----
A typical PKCS#7 certificate includes more, as described earlier, and includes the following start and end text:
-----BEGIN PKCS7----- -----END PKCS7-----
You can use the standard Ctrl+c to copy, including all dashes, and Ctrl+v to paste.
The user certificate in the file can be in either text (BASE64) or binary (der) format.
Start Oracle Wallet Manager.
(UNIX) At the command line, enter the following command:
owm
(Windows) Select Start, Programs, Oracle-HOME_NAME, Integrated Management Tools, Wallet Manager
If the wallet is closed, then open it by selecting Open from the Wallet menu. When prompted, select the wallet directory location, and then enter your wallet password.
Select Operations, Import User Certificate. The Import Certificate dialog box is displayed.
Select Select a file that contains the certificate, and click OK. Another Import Certificate dialog box is displayed.
Enter the path or folder name of the certificate file location.
Select the name of the certificate file (for example, cert.txt, cert.der).
Click OK.
If the certificate received is in PKCS#7 format, it is installed, and all the other certificates included with the PKCS#7 data are placed in the Trusted Certificate list.
If the certificate received is not in PKCS#7 format, and the certificate of its CA is not already in the Trusted Certificates list, then more must be done. Oracle Wallet Manager will ask you to import the certificate of the CA that issued your certificate. This CA certificate will be placed in the Trusted Certificates list. (If the CA certificate was already in the Trusted Certificates list, your certificate is imported without additional steps.)
After either (a) or (b) succeeds, a message at the bottom of the window confirms that the certificate was successfully installed. You are returned to the Oracle Wallet Manager main panel, and the status of the corresponding entry in the left panel subtree changes to [Ready].