----- Original Message -----
Sent: Wednesday, March 07, 2001 12:31
PM
Subject: RE:Oracle wallet Manger and
Being my own CA
I called Oracle and asked the same question. They said
that is was a bug in their client software that prevent SSL V3 from being
acceptable. So I dropped it down to SSL V1, and all works fine.
Original message below--------------
Oracle has a handy little tool called Oracle Wallet Manager (OWM), and by
'handy' I mean 'pain in the neck.' Anyways, in order to secure
your
transmissions via the oracle client you have to use the OWM.
Right! I am
not going to go into detail about OWM. Suffice it
to say that when you
create a wallet, in OWM, it creates a key and a csr
(which are not inter
changeable with other KEY/CSR/CRT pairs.) So, I want
to become my own CA so
I can sign my own certs with out having to pay big
money to VeriSign or
Thawte. So I followed the instruction on using
openssl and CA.pl to create
my own self signed root CA. All goes
well! Then I try to import my self
signed root CA (cacert.pem) into
the OWM as a trust point and it fails
saying that the cert is
invalid. I then tried to import the same cacert.pem
into MSIE.
It works fine. I then export the cert form MSIE to x509 etc
format
and import it back into OWM. It fails again. I have searched hi
and
lo for info on what type of format OWM expects for its trust point
certs. I
have had success importing the Thawte and VeriSign test
certs. So I am
wondering, am I doing something wrong as the
CA? I have tried exporting the
cacert.pem to DER format and still
no-go. Am I using the correct cert
(cacert.pem) as the CA?
Does anyone else have any experience with being
their own CA and OWM?
--
#######################################
# Christian Ullman
# Software Development Engineer
# Verio Inc.
# [EMAIL PROTECTED]
# 801.437.7474 - Phone
#######################################