Command orapki is usually used to manamge Oracle wallet in command line.
For Oracle database installation, orapki can be found from "<ORCLE_HOME>/bin".
For Oracle Enterprise Manager installation, it can be found from "<OMS_HOME>/oracle_common/bin", not from the "<OMS_HOME>/bin".
List certificates with command
orapki wallet display -wallet <wallet_location>
$ orapki wallet display -wallet ./
Oracle PKI Tool Release 19.0.0.0.0 - Production
Version 19.3.0.0.0
Copyright (c) 2004, 2019, Oracle and/or its affiliates. All rights reserved.
Requested Certificates:
User Certificates:
Subject: CN=localhost,OU=GCDomain ohs1,O=FOR TESTING ONLY
Trusted Certificates:
Subject: CN=CertGenCA,OU=FOR TESTING ONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US
It shows two certificates in the wallet, one is User Certicates, the other is Trusted Certicate.
If want to check more details (i.e. expiration date) of the certificate, run following command to export certificate to a file,
orapki wallet export -wallet <wallet_location> -dn '<Certicate_DN>' -cert <certificate_file>
Then display certificate details from certificate file with command,
orapki cert display -cert <certificate_file> [-summary]
$ orapki wallet export -wallet ./ -dn 'CN=localhost,OU=GCDomain ohs1,O=FOR TESTING ONLY' -cert /tmp/export.cert Oracle PKI Tool Release 19.0.0.0.0 - Production Version 19.3.0.0.0 Copyright (c) 2004, 2019, Oracle and/or its affiliates. All rights reserved. Operation is successfully completed. $ orapki cert display -cert /tmp/export.cert -summary Oracle PKI Tool Release 19.0.0.0.0 - Production Version 19.3.0.0.0 Copyright (c) 2004, 2019, Oracle and/or its affiliates. All rights reserved. Subject: CN=localhost,OU=GCDomain ohs1,O=FOR TESTING ONLY Issuer: CN=CertGenCA,OU=FOR TESTING ONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US Valid Until: Sat Apr 18 21:54:35 EDT 2026
No comments:
Post a Comment