10 Connecting Oracle GoldenGate Veridata to SSL-Enabled Oracle Database

SSL Enabled JDBC URL format: jdbc:oracle:thin:@tcps://<host>:<port>/servicename?wallet_location=<wallet path>, where wallet_location is the Directory path for client wallet files, which are cwallet.sso and ewallet.p12.

To connect Oracle GoldenGate Veridata to SSL-Enabled Oracle Database:

1. Create an auto-login wallet in the database as follows: $ orapki wallet create -wallet <wallet path> -pwd <wallet password> -auto_login.
2. Create a self-signed certificate and load it into the wallet: $ orapki wallet add -wallet <wallet path> -pwd <wallet password> -dn "CN=<database hostname>" -keysize 1024 -self_signed -validity 3650
3. Export the certificate so that you can load it into the client wallet: $ orapki wallet export -wallet <wallet path> -pwd <wallet password> -dn "CN=<hostname>" -cert <server certificate path>
4. Repeat step 1 to 3.
5. Exchange Client and Server Certificates:
   1. Load the server certificate into the client wallet: $ orapki wallet add -wallet <client wallet path> -pwd <wallet password> -trusted_cert -cert <server certificate path>
   2. Load the client certificate into the server wallet: $ orapki wallet add -wallet <server wallet path> -pwd wallet password -trusted_cert -cert <client certificate path>
6. Check the contents of the server/client wallet: $ orapki wallet display -wallet <server wallet path> -pwd <wallet password>

For more information, see Create JKS Wallets for a TLS Connection to a DB System that has Client Authentication Enabled in the Administering Oracle Data Safe guide.