Configure a TLS Connection Between the On-Premises Connector on Your Host Machine and Your Oracle Database

Prior to configuring a TLS connection during target registration, you need to configure a TLS connection between the on-premises connector on your host machine and your target database.

1. Open a command prompt on the host machine that has the unzipped install bundle.
2. Find the distinguished name (DN) of the Connection Manager certificate from the on-premises connector wallet by running the following command:

   orapki wallet display -wallet <CMAN wallet location>

3. Export the Connection Manager certificate by running the following command:

   orapki wallet export -wallet <Connection Manager wallet location> -dn <distinguished name of the Connection Manager certificate> -cert <Connection Manager certificate file name>

4. Add the Connection Manager certificate to your on-premises Oracle database server's wallet by running the following command. Note that this step is not necessary for Exadata Cloud@Customer databases.

   orapki wallet add -wallet <database wallet location> -trusted_cert -cert <Connection Manager certificate file name>

5. Export the database server certificate by running the following command. For <database server certificate file>, enter the location where you want to store the certificate (the command below creates the certificate).

   orapki wallet export -wallet <database wallet location> -dn <db server DN> -cert <database server certificate file>

6. Import the database server certificate into the on-premises connector wallet by running the following command. When prompted, enter the wallet password. This is the password that you created when you downloaded and installed the install bundle.

   orapki wallet add -wallet <on-premises connector wallet location> -trusted_cert -cert <database server certificate file>

7. Restart the database listener and restart the on-premises connector.