Discussion:
Oracle wallet and jdbc thin driver
Peter Hitchman
2016-01-15 16:08:34 UTC
Permalink
Hi
Oracle Database 11.2.0.4
on OEL 6.5

I wss trying out some test code with the wallet and JDBC thin driver
written when we were using 11.1.0.6.

My CLASSPATH contains:

/oracle/app/oracle/product/11.2.0/client_1/jdbc/lib/ojdbc6.jar
/oracle/app/oracle/product/11.2.0/client_1/rdbms/jlib/xdb.jar
/oracle/app/oracle/product/11.2.0/client_1/lib/xmlparserv2.jar
/oracle/app/oracle/product/11.2.0/client_1/jlib/oraclepki.jar

I kept getting this error:-

"java.sql.SQLException: encountered a problem with the Secret Store. Check
the wallet location for the presence of an open wallet (cwallet.sso) and
ensure that this wallet contains the correct credentials using the mkstore
utility: java.io.IOException: PKI-02002: Unable to open the wallet. Check
password."

Eventually I managed to fix this by changing the permissions of the
ewallet.p12 so that it is world readable, the same as the cwallet.sso file.

I do not like doing this because it means anyone can now copy both the .sso
and .p12 files.

I do not understand why this is required when using the thin driver. Any
ideas?

Thanks

Pete
Igor Racic
2016-01-19 12:24:50 UTC
Permalink
Hi Peter,

No need to be world readable, just readable for user running the Java process.

Regards,
Igor
Post by Peter Hitchman
Hi
Oracle Database 11.2.0.4
on OEL 6.5
I wss trying out some test code with the wallet and JDBC thin driver written
when we were using 11.1.0.6.
/oracle/app/oracle/product/11.2.0/client_1/jdbc/lib/ojdbc6.jar
/oracle/app/oracle/product/11.2.0/client_1/rdbms/jlib/xdb.jar
/oracle/app/oracle/product/11.2.0/client_1/lib/xmlparserv2.jar
/oracle/app/oracle/product/11.2.0/client_1/jlib/oraclepki.jar
I kept getting this error:-
"java.sql.SQLException: encountered a problem with the Secret Store. Check
the wallet location for the presence of an open wallet (cwallet.sso) and
ensure that this wallet contains the correct credentials using the mkstore
utility: java.io.IOException: PKI-02002: Unable to open the wallet. Check
password."
Eventually I managed to fix this by changing the permissions of the
ewallet.p12 so that it is world readable, the same as the cwallet.sso file.
I do not like doing this because it means anyone can now copy both the .sso
and .p12 files.
I do not understand why this is required when using the thin driver. Any
ideas?
Thanks
Pete
--
http://www.freelists.org/webpage/oracle-l
Peter Hitchman
2016-01-19 16:37:47 UTC
Permalink
Good point.

Thanks for the feedback.

Pete
Post by Igor Racic
Hi Peter,
No need to be world readable, just readable for user running the Java process.
Regards,
Igor
Post by Peter Hitchman
Hi
Oracle Database 11.2.0.4
on OEL 6.5
I wss trying out some test code with the wallet and JDBC thin driver
written
Post by Peter Hitchman
when we were using 11.1.0.6.
/oracle/app/oracle/product/11.2.0/client_1/jdbc/lib/ojdbc6.jar
/oracle/app/oracle/product/11.2.0/client_1/rdbms/jlib/xdb.jar
/oracle/app/oracle/product/11.2.0/client_1/lib/xmlparserv2.jar
/oracle/app/oracle/product/11.2.0/client_1/jlib/oraclepki.jar
I kept getting this error:-
"java.sql.SQLException: encountered a problem with the Secret Store.
Check
Post by Peter Hitchman
the wallet location for the presence of an open wallet (cwallet.sso) and
ensure that this wallet contains the correct credentials using the
mkstore
Post by Peter Hitchman
utility: java.io.IOException: PKI-02002: Unable to open the wallet. Check
password."
Eventually I managed to fix this by changing the permissions of the
ewallet.p12 so that it is world readable, the same as the cwallet.sso
file.
Post by Peter Hitchman
I do not like doing this because it means anyone can now copy both the
.sso
Post by Peter Hitchman
and .p12 files.
I do not understand why this is required when using the thin driver. Any
ideas?
Thanks
Pete
--
Regards

Pete
Loading...