Corporation Network Router User Manual
Oracle Wallet Manager Overview
8-6 Oracle Database Advanced Security Administrator's Guide
You should obtain certificates from the certificate authority with the correct
KeyUsage value for the required Oracle PKI certificate usage. A single wallet can
contain multiple key pairs for the same usage. Each certificate can support multiple
Oracle PKI certificate usages, as indicated by Table 8–2 and Table 8–3. Oracle PKI
applications use the first certificate containing the required PKI certificate usage.
For example: For SSL usage, the first certificate containing the SSL Oracle PKI
certificate usage is used.
If you do not have a certificate with SSL usage, then an ORA-28885 error (No
certificate with required key usage found) is returned.
2 alone, or 2 + any
combination excluding 5
na Acceptcertificate for SSL or S/MIME encryption
use.
5 alone, or any combination
including 5
na Accept certificate for CA certificate signing use.
Any settings not listed
previously
Yes Not importable.
No Certificate is importable for SSL or S/MIME
encryption use.
1
If the KeyUsage extension is critical, the certificate cannot be used for other purposes.
Table 8–3 Oracle Wallet Manager Import of Trusted Certificates to an Oracle Wallet
KeyUsage Value Critical?
1
1
If the KeyUsage extension is critical, the certificate cannot be used for other purposes.
Usage
none na Importable.
Any combination
excluding 5
Yes Not importable.
No Importable.
5 alone, or any
combination including 5
na Importable.
Table 8–2 Oracle Wallet Manager Import of User Certificates to an Oracle Wallet
KeyUsage Value Critical?
1
Usage