7.27.1.2 Create the Software Keystore
There are three types of Software Keystores:
- Password-based Software Keystores
- Auto-login Software Keystores
- Local Auto-login Software Keystores
Perform the following steps to create a software keystore:
- Log in as sysdba or user with ADMINISTER KEY MANAGEMENT or SYSKM privilege.
- Use the following command to create password-based software keystore:
CONN sys/password@serviceid AS SYSDBAADMINISTER KEY MANAGEMENT CREATE KEYSTORE 'keystore_location' IDENTIFIED BYsoftware_keystore_password;- keystore_location is the path of the keystore directory you want to create
- software_keystore_password is the password of the keystore that you want to
create.
For example, to create the keystore in the /etc/ORACLE/WALLETS/orcl directory:
ADMINISTER KEY MANAGEMENT CREATE KEYSTORE /etc/ORACLE/WALLETS/orcl' IDENTIFIED BY password;After you run this statement, the
ewallet.p12file, which is the keystore, appears in the keystore location. - Alternatively, you can create an Auto-Login or Local-Login Keystore to avoid
opening the Keystore manually every time. Use the following
command:
ADMINISTER KEY MANAGEMENT CREATE [LOCAL] AUTO_LOGIN KEYSTORE FROM KEYSTORE 'keystore_location' IDENTIFIED BY keystore_password; - LOCAL enables you to create a local auto-login software keystore. Otherwise,
omit this clause if you want the keystore to be accessible by other
computers.
After you run this statement, the
cwallet.ssofile appears in the keystore location.Note:
It is important to remember the master key password (<keystore_password>) used during the creation of the keystore. There are no ways to retrieve the password if forgotten.