Creating and Managing Oracle Wallet

1- Instroduction

This document is based on:
  • Oracle 11g  (OK for 12c)

2- What is Oracle Wallet?

Oracle Wallet as a way to store the connection information to the database across multiple domains. The table below illustrates that a wallet containing content.
DB Connection String Username Passwod
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = myserver1)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = db11g)
    )
  )
dev dev001
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = myserver2)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = db12c)
    )
  )
prod prod123
Thus Wallet containing the credentials so that you can access a certain database. When information about this database change, you can update the wallet. Your application can use the credentials on the Wallet to access a database instead of manually managing information.

3- Wallet in Oracle 11g, 12c

3.1- Creating and Managing Wallet (11g, 12c)

You must open CMD as Administrator.
CD to BIN directory of Oracle:
Wallets can be copied to different machines, which can represent a security risk. In 11g Release 2, you can prevent the auto login functionality of the wallet from working if it is copied to another machine by creating a local wallet using the "orapki" command, instead of the "mkstore" command.
Creating wallet with "orapki" command:
# wallet_location is the path to the directory where you want to create and store the wallet.


orapki wallet create -wallet <wallet_location> -pwd <password> -auto_login_local


# Example:

orapki wallet create -wallet C:/DevPrograms/mywallet -pwd mysecret1 -auto_login_local
Wallet was created, it consists of two files cwallet.sso & ewallet.p12

3.2- Display Wallet Information (11g,12c)

Display wallet info:
# Syntax:

orapki wallet display -wallet <wallet-location>

# Example:

orapki wallet display -wallet C:/DevPrograms/mywallet

3.3- Change wallet Password (11g,12c)

# Syntax

orapki wallet change_pwd -wallet <wallet-location> -oldpwd <old password> -newpwd <new password>

# Example:

orapki wallet change_pwd -wallet C:/DevPrograms/mywallet -oldpwd mysecret1 -newpwd mysecret2

4- Wallet in Oracle 10g

4.1- Creating and Managing Wallet (10g)

You must open CMD as Administrator.
CD to BIN directory of Oracle:
Creating wallet:
# wallet_location is the path to the directory where you want to create and store the wallet.

mkstore -wrl <wallet_location> -create


# Example:

mkstore -wrl C:/DevPrograms/mywallet -create
Enter password for wallet:
Note: The password you entered may not meet the standard and you will receive an error message, such as entering a password less than 8 characters.
Re enter password: mysecret1
Wallet was created, it consists of two files cwallet.sso & ewallet.p12

5- Add database login credentials to an existing client wallet (10g,11g,12c)


mkstore -wrl <wallet_location> -createCredential <db_connect_string> <username> <password>
   
DB Connection String Username Passwod
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = myserver1)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = db11g)
    )
  )
dev dev001
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = myserver2)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = db12c)
    )
  )
prod prod123
Example:
# <wallet_location>

C:\DevPrograms\mywallet

# <db_connect_string>

"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=myserver1)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=db11g)))"