User's Manual
Oracle Wallet Manager Overview
Using Oracle Wallet Manager 8-5
legal usage combinations). There must be a one-to-one mapping between certificate
requests and certificates. The same certificate request can be used to obtain multiple
certificates; however, more than one certificate for each certificate request cannot be
installed in the same wallet at the same time.
Oracle Wallet Manager uses the X.509 Version 3 KeyUsage extension to define
Oracle PKI certificate usages (Table 8–1):
When installing a certificate (user certificate or trusted certificate), Oracle Wallet
Manager maps the KeyUsage extension values to Oracle PKI certificate usages as
specified in Table 8–2 and Table 8–3.
Table 8–1 KeyUsage Values
Value Usage
0 digitalSignature
1 nonRepudiation
2 keyEncipherment
3 dataEncipherment
4 keyAgreement
5 keyCertSign
6 cRLSign
7 encipherOnly
8 decipherOnly
Table 8–2 Oracle Wallet Manager Import of User Certificates to an Oracle Wallet
KeyUsage Value Critical?
1
Usage
none na Certificate is importable for SSL or S/MIME
encryption use.
0 alone, or any combination
including 0 but excluding 5
and 2
na Accept certificate for S/MIME signature or
code-signing use.
1 alone Yes Not importable.
No Accept certificate for S/MIME signature or
code-signing use.