반응형

ohs 11.1.1.7이하

sha2 방식 wallet에서 안되는 현상

 

JKS 생성하여 wallet으로 변환

#keytool 사용하여 keystore 생성 CSR/SHA2

https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=445945205532288&parent=DOCUMENT&sourceId=1939223.1&id=1230333.1&_afrWindowMode=0&_adf.ctrl-state=168kaot9un_98

#orapki 사용하여 keystore를 oracle wallet으로 변환

https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=445952969654086&id=1391991.1&_adf.ctrl-state=168kaot9un_196

 

# JKS 생성

1. 키스토어 생성

keytool -genkey -alias <alias> -keyalg RSA -keysize 1024 -sigalg SHA256withRSA -dname <dn> -keypass <password> -keystore <keystore> -storepass <password>

"C:\Program Files\Java\jdk1.7.0_72\bin\keytool" -genkey -alias cnrcdms.com -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -dname "CN=cnrcdms.com,O=C&R RESEARCH Inc.,L=Gangnam-gu,S=Seoul,C=KR" -keypass cdms1234 -keystore D:\keystore.jks -storepass cdms1234

 

2. 키스토어 확인

keytool -list -v -keystore <keystore> -storepass <password>

"C:\Program Files\Java\jdk1.7.0_72\bin\keytool" -list -v -keystore D:\keystore.jks -storepass cdms1234

 

3. CSR 생성

keytool -certreq -v -alias <alias> -file <filename> -sigalg SHA256withRSA -keypass <password> -storepass <password> -keystore <keystore>

"C:\Program Files\Java\jdk1.7.0_72\bin\keytool" -certreq -v -alias cnrcdms.com -file D:\cdms.csr -sigalg SHA256withRSA -keypass cdms1234 -storepass cdms1234 -keystore D:\keystore.jks

 

4. CA's root cert 임포트

keytool -import -v -noprompt -trustcacerts -alias <alias> -file <rootca_file> -keystore <keystore> -storepass <password>

ex) keytool -import -v -noprompt -trustcacerts -alias rootcacert-file rootCA.cer -keystore keystore.jks -storepass welcome

 

5. server cert 임포트

keytool -import -v -alias <alias> -file <server_cert_file> -keystore <keystore> -keypass <password> -storepass <password>

ex) keytool -import -v -alias server_cert -file server.cer -keystore keystore.jks -keypass welcome -storepass welcome

 

6. 키스토어 확인

keytool -list -v -keystore <keystore> -storepass <password>

"C:\Program Files\Java\jdk1.7.0_72\bin\keytool" -list -v -keystore D:\keystore.jks -storepass cdms1234

 

 

# JKS to wallet 변환

1. wallet 생성

export JAVA_HOME

$MIDDLEWARE_HOME/oracle_common/bin/orapki wallet create -wallet <path> -auto_login

/was/webtier/Middleware/oracle_common/bin/orapki wallet create -wallet /was/webtier/Middleware/nwallet -auto_login

 

2. 변환

$MIDDLEWARE_HOME/oracle_common/bin/orapki wallet jks_to_pkcs12 -wallet <wallet_location_from_Step2> [-pwd <wallet_pwd>]  -keystore <keystore_location_from_Step1>/ewallet.jks -jkspwd <Step1_pwd>

/was/webtier/Middleware/oracle_common/bin/orapki wallet jks_to_pkcs12 -wallet /was/webtier/Middleware/wallet -pwd cdms1234 -keystore /was/webtier/Middleware/keystore/cnrcdms.com.jks -jkspwd cdms1234

 

반응형
저작자표시 비영리 변경금지

' > WEB' 카테고리의 다른 글

iplanet 설치  (0) 2019.12.01
iplanet 아이플라넷 설치파일  (0) 2019.12.01
ews(CentOS(WAS1))설치  (0) 2019.12.01
EWS / JWS / JBCS / JBoss WebServer mod_cluster 모드 클러스터  (0) 2019.12.01
jbcs-httpd24-2.4.23 설치  (0) 2019.12.01

+ Recent posts

티스토리툴바