1. Security Guide
  2. Creating an Oracle Wallet

Creating an Oracle Wallet

To enable TLS for the Siebel LDAP security adapter, an Oracle wallet must be created on the Siebel Server computer which runs the Application Object Managers or other components that must support LDAP authentication through the LDAP security adapter. The Oracle wallet must contain CA server certificates that have been issued by Certificate Authorities to LDAP servers.

Use the following procedure to create an Oracle wallet. Before creating an Oracle Wallet, note that you must be logged in to Siebel as the same user that the Siebel Server service runs under and the wallet must be located in the default location for that user.

To create an Oracle wallet

  1. Determine which Certificate Authorities issued the server certificate for your LDAP server and obtain this CA certificate.

  2. Copy the CA certificate to the computer where you have installed Oracle Wallet Manager.

  3. On the Siebel Server computer where you will run the Application Object Manager components that support LDAP authentication, create an Oracle wallet using Oracle Wallet Manager.

    To create the wallet, follow the detailed instructions in Oracle® Database Advanced Security Administrator’s Guide. Specify the following values:

    1. In the New Wallet dialog box, enter a password for the wallet in the Wallet Password field, then reenter the password in the Confirm Password field.

    2. From the Wallet Type list, select Standard, then click OK.

      A new empty wallet is created.

    3. When prompted to specify whether or not you want to add a certificate request, select No.

      You return to the Oracle Wallet Manager main window.

    4. Save the wallet by selecting Wallet, then Save In System Default to save the wallet file to the default directory location:

      • For UNIX the default directory location is $ORACLE_HOME/bin/owm/wallets/username.

      • For Windows the default directory location is ORACLE_HOME\bin\owm\wallets\username.

      You must specify this directory when configuring TLS for clients and servers. You can save the wallet to a different directory if required.

  4. Import the CA certificate that you copied to the computer earlier in this procedure into the wallet you have created.

    You can import as many CA certificates as required. For information on importing certificates, see Oracle® Database Advanced Security Administrator’s Guide.

Note: For LDAP servers that have their server certificate issued from a new CA, just add the CA certificate to the existing wallet, instead of creating a new wallet for every LDAP server.