12.3 About Registry Parameters for Wallet Storage
Parameter WALLET_LOCATN in file sqlnet.ora specifies the location of the obfuscated Oracle Wallet for use by Oracle PKI applications.
For example, the WALLET_LOCATN parameter for storing an Oracle Wallet in the registry in:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\SALESAPP
is located in:
WALLET_LOCATN = (SOURCE= (METHOD=REG) (METHOD_DATA= (KEY=SALESAPP)))
Continuing the example, the encrypted Oracle Wallet is stored in the registry in:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\SALESAPP\EWALLET.P12
and the changed Oracle Wallet stored in:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\SALESAPP\CWALLET.SSO
On Windows operating systems, if there is no value specified for parameter WALLET_LOCATN, then Oracle PKI applications first look for the changed wallet in registry key:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\DEFAULT
If no obfuscated wallet is found there, Oracle PKI applications look for it in the file system of the local computer at location:
%USERPROFILE%\ORACLE\WALLETS
Regardless of location, wallets are always stored in the same format. All functionality is the same except for the location of the wallets.
Topics:
- About Oracle Wallet Manager
Oracle Wallet Manager creates and manages Oracle Wallets.
12.3.1 About Oracle Wallet Manager
Oracle Wallet Manager creates and manages Oracle Wallets.
If you want to use the Windows registry for Oracle Wallets, then you must select the Use Windows System Registry check box. If Windows System Registry is selected, then the tool shows a list of existing keys when it opens a wallet or saves a new wallet. The list appears in:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS
You can select one of the existing locations or enter the name for a new location (registry key). If you enter a new key called key1, for example, then the tool creates the following registry key:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\KEY1
The encrypted wallet is stored in:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\KEY1\EWALLET.P12
The obfuscated wallet is stored in:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\KEY1\CWALLET.SSO
If you do not select the Use Windows System Registry check box, then the tool displays all the available drives and directories on the local computer. You can select one of the existing directories or enter a new directory. The tool stores the encrypted or the obfuscated wallet in the selected directory or creates the directory if it does not exist.
Topics:
- About Sharing Wallets and sqlnet.ora Files Among Multiple Databases
Multiple nonreplicated databases cannot share wallets.
See Also:
Oracle Database Enterprise User Security Administrator's Guide for more information about using Oracle Wallet Manager
12.3.1.1 About Sharing Wallets and sqlnet.ora Files Among Multiple Databases
Multiple nonreplicated databases cannot share wallets.
If sqlnet.ora files contain wallet location information, then databases also cannot share sqlnet.ora files.
The only exception to this rule is password-authenticated or Kerberos-authenticated enterprise user security with default database-to-directory connection configuration that uses passwords. This configuration keeps database wallets in the default location, where Database Configuration Assistant creates them. In this situation, no wallet location information is stored in the sqlnet.ora file, and the wallet can be shared among multiple databases.
Note:
If SSL is used for enterprise user authentication, then the wallet location must be specified in the sqlnet.ora file. So, sqlnet.ora files cannot be shared by multiple databases for SSL-authenticated enterprise users.