Edit D:\rfid\database\database\doc\win.112\e10845\wallets.htm
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=us-ascii" /> <meta http-equiv="Content-Language" content="en" /> <meta http-equiv="Content-Style-Type" content="text/css" /> <meta http-equiv="Content-Script-Type" content="text/javascript" /> <meta name="robots" content="all" scheme="http://www.robotstxt.org/" /> <meta name="generator" content="Oracle DARB XHTML Converter (Mode = document) - Version 5.1" /> <meta name="Date" content="2010-03-05T15:45:38Z" /> <meta name="doctitle" content="Oracle® Database Platform Guide 11g Release 2 (11.2) for Microsoft Windows" /> <meta name="partno" content="E10845-01" /> <meta name="docid" content="NTQRF" /> <link rel="Start" href="../../index.htm" title="Home" type="text/html" /> <link rel="Copyright" href="../../dcommon/html/cpyr.htm" title="Copyright" type="text/html" /> <link rel="Stylesheet" href="../../dcommon/css/blafdoc.css" title="Default" type="text/css" /> <script type="text/javascript" src="../../dcommon/js/doccd.js"> </script> <link rel="Contents" href="toc.htm" title="Contents" type="text/html" /> <link rel="Index" href="index.htm" title="Index" type="text/html" /> <link rel="Glossary" href="glossary.htm" title="Glossary" type="text/html" /> <link rel="Prev" href="external.htm" title="Previous" type="text/html" /> <link rel="Next" href="pki.htm" title="Next" type="text/html" /> <link rel="alternate" href="../e10845.pdf" title="PDF version" type="application/pdf" /> <title>Storing Oracle Wallets in the Windows Registry</title> </head> <body> <div class="header"> <div class="zz-skip-header"><a name="top" id="top" href="#BEGIN">Skip Headers</a></div> <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%"> <tr> <td align="left" valign="top"><b>Oracle® Database Platform Guide<br /> 11<i>g</i> Release 2 (11.2) for Microsoft Windows</b><br /> Part Number E10845-01</td> <td valign="bottom" align="right"> <table class="icons oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="245"> <tr> <td align="center" valign="top"><a href="../../index.htm"><img width="24" height="24" src="../../dcommon/gifs/doclib.gif" alt="Go to Documentation Home" /><br /> <span class="icon">Home</span></a></td> <td align="center" valign="top"><a href="../../nav/portal_booklist.htm"><img width="24" height="24" src="../../dcommon/gifs/booklist.gif" alt="Go to Book List" /><br /> <span class="icon">Book List</span></a></td> <td align="center" valign="top"><a href="toc.htm"><img width="24" height="24" src="../../dcommon/gifs/toc.gif" alt="Go to Table of Contents" /><br /> <span class="icon">Contents</span></a></td> <td align="center" valign="top"><a href="index.htm"><img width="24" height="24" src="../../dcommon/gifs/index.gif" alt="Go to Index" /><br /> <span class="icon">Index</span></a></td> <td align="center" valign="top"><a href="../../dcommon/html/feedback.htm"><img width="24" height="24" src="../../dcommon/gifs/feedbck2.gif" alt="Go to Feedback page" /><br /> <span class="icon">Contact Us</span></a></td> </tr> </table> </td> </tr> </table> <hr /> <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%"> <tr> <td align="left" valign="top"> <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="98"> <tr> <td align="center" valign="top"><a href="external.htm"><img width="24" height="24" src="../../dcommon/gifs/leftnav.gif" alt="Go to previous page" /><br /> <span class="icon">Previous</span></a></td> <td align="center" valign="top"><a href="pki.htm"><img width="24" height="24" src="../../dcommon/gifs/rightnav.gif" alt="Go to next page" /><br /> <span class="icon">Next</span></a></td> </tr> </table> </td> <td align="right" valign="top" style="font-size: 90%"><a href="../e10845.pdf">View PDF</a></td> </tr> </table> <a name="BEGIN" id="BEGIN"></a></div> <div class="IND"><!-- End Header --><a id="g1007989" name="g1007989"></a><a id="NTQRF150" name="NTQRF150"></a><a id="i1006846" name="i1006846"></a> <h1 class="chapter"><span class="secnum">11</span> Storing Oracle Wallets in the Windows Registry</h1> <p>This chapter describes storing and retrieving of Oracle Wallets in the Windows <a href="glossary.htm#i432474"><span class="xrefglossterm">registry</span></a>.</p> <a id="i1005639" name="i1005639"></a><a id="NTQRF354" name="NTQRF354"></a> <div class="sect1"><!-- infolevel="all" infotype="General" --> <h2 class="sect1"><a id="sthref478" name="sthref478"></a><a id="sthref479" name="sthref479"></a>Storing Private Keys and Trust Points</h2> <p>Oracle Wallets store <a href="glossary.htm#i433212"><span class="xrefglossterm">private keys</span></a>, <a href="glossary.htm#i433276"><span class="xrefglossterm">trust points</span></a>, and <a href="glossary.htm#i433039"><span class="xrefglossterm">digital certificates</span></a> used in public key applications for authentication and <a href="glossary.htm#i433060"><span class="xrefglossterm">encryption</span></a>. Oracle Wallet Manager creates and manages Oracle Wallets. Oracle public key applications use obfuscated Oracle Wallets for authentication and encryption.</p> <div class="infoboxnote"> <p class="notep1"><span class="bold">Note</span>:</p> Oracle Wallet Manager is a feature of Oracle Advanced Security, a separately licensable option to Oracle Database.</div> </div> <!-- class="sect1" --> <a id="i1005643" name="i1005643"></a><a id="NTQRF355" name="NTQRF355"></a> <div class="sect1"><!-- infolevel="all" infotype="General" --> <h2 class="sect1">Storing User's Profile</h2> <p>In Windows domain, a user's profile is stored on the local computer. When a local user logs on to that computer, that user's profile on the local computer is uploaded into the user profile in that computer's registry. When a user logs out, that user's profile stored on the local file system is updated, ensuring that the domain user or local user always has the most recent user profile version.</p> </div> <!-- class="sect1" --> <a id="i1005646" name="i1005646"></a><a id="NTQRF356" name="NTQRF356"></a> <div class="sect1"><!-- infolevel="all" infotype="General" --> <h2 class="sect1"><a id="sthref480" name="sthref480"></a><a id="sthref481" name="sthref481"></a>Registry Parameters for Wallet Storage</h2> <p>Parameter <code>WALLET_LOCATION</code> in file <code>sqlnet.ora</code> specifies the location of the obfuscated Oracle Wallet for use by Oracle PKI applications. For example, the <code>WALLET_LOCATION</code> parameter for storing an Oracle Wallet in the registry in:</p> <pre xml:space="preserve" class="oac_no_warn">\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\SALESAPP </pre> <p>would be:</p> <pre xml:space="preserve" class="oac_no_warn">WALLET_LOCATION = (SOURCE= (METHOD=REG) (METHOD_DATA= (KEY=SALESAPP))) </pre> <p>Continuing the example, the encrypted Oracle Wallet would be stored in the registry in:</p> <pre xml:space="preserve" class="oac_no_warn">\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\SALESAPP\EWALLET.P12 </pre> <p>and the obfuscated Oracle Wallet would be stored in:</p> <pre xml:space="preserve" class="oac_no_warn">\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\SALESAPP\CWALLET.SSO </pre> <p>On Windows operating systems, if there is no value specified for parameter <code>WALLET_LOCATION</code>, then Oracle PKI applications first look for the obfuscated wallet in registry key:</p> <pre xml:space="preserve" class="oac_no_warn">\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\DEFAULT </pre> <p>If no obfuscated wallet is found there, Oracle PKI applications look for it in the file system of the local computer at location:</p> <pre xml:space="preserve" class="oac_no_warn">%USERPROFILE%\ORACLE\WALLETS </pre> <p>Regardless of location, wallets are always stored in the same format. All functionality is the same except for the location of the wallets.</p> <a id="NTQRF357" name="NTQRF357"></a> <div class="sect2"><!-- infolevel="all" infotype="General" --><a id="sthref482" name="sthref482"></a> <h3 class="sect2"><a id="sthref483" name="sthref483"></a>Oracle Wallet Manager</h3> <p>Oracle Wallet Manager creates and manages Oracle Wallets. If you want to use the Windows registry for Oracle Wallets, then you must select the Use Windows System Registry check box. If Windows System Registry is selected, then the tool shows a list of existing keys when it opens a wallet or saves a new wallet. The list appears in:</p> <pre xml:space="preserve" class="oac_no_warn">\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS </pre> <p>You can select one of the existing locations or enter the name for a new location (registry key). If you enter a new key called <code>key1</code>, for example, then the tool creates the following registry key:</p> <pre xml:space="preserve" class="oac_no_warn">\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\KEY1 </pre> <p>The encrypted wallet will be stored in:</p> <pre xml:space="preserve" class="oac_no_warn">\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\KEY1\EWALLET.P12 </pre> <p>The obfuscated wallet will be stored in:</p> <pre xml:space="preserve" class="oac_no_warn">\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\KEY1\CWALLET.SSO </pre> <p>If you do not select the Use Windows System Registry check box, then the tool displays all the available drives and directories on the local computer. You can select one of the existing directories or enter a new directory. The tool stores the encrypted or obfuscated wallet in the selected directory or creates the directory if it does not exist.</p> <a id="NTQRF358" name="NTQRF358"></a> <div class="sect3"><!-- infolevel="all" infotype="General" --><a id="sthref484" name="sthref484"></a> <h4 class="sect3">Sharing Wallets and sqlnet.ora Files Among Multiple Databases</h4> <p>Multiple nonreplicated databases cannot share wallets. If <code>sqlnet.ora</code> files contain wallet location information, then databases also cannot share <code>sqlnet.ora</code> files.</p> <p>The only exception to this rule is password-authenticated or Kerberos-authenticated enterprise user security with default database-to-directory connection configuration that uses passwords. This configuration keeps database wallets in the default location, where Database Configuration Assistant creates them. In this situation, no wallet location information is stored in the <code>sqlnet.ora</code> file, and the wallet can be shared among multiple databases.</p> <div class="infoboxnote"> <p class="notep1">Note:</p> If SSL is used for enterprise user authentication, then the wallet location must be specified in the <code>sqlnet.ora</code> file. So, <code>sqlnet.ora</code> files cannot be shared by multiple databases for SSL-authenticated enterprise users.</div> </div> <!-- class="sect3" --></div> <!-- class="sect2" --></div> <!-- class="sect1" --></div> <!-- class="ind" --> <div class="footer"> <hr /> <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%"> <col width="33%" /> <col width="*" /> <col width="33%" /> <tr> <td align="left"> <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="98"> <tr> <td align="center" valign="top"><a href="external.htm"><img width="24" height="24" src="../../dcommon/gifs/leftnav.gif" alt="Go to previous page" /><br /> <span class="icon">Previous</span></a></td> <td align="center" valign="top"><a href="pki.htm"><img width="24" height="24" src="../../dcommon/gifs/rightnav.gif" alt="Go to next page" /><br /> <span class="icon">Next</span></a></td> </tr> </table> </td> <td style="font-size: 90%" align="center" class="copyrightlogo"><img width="144" height="18" src="../../dcommon/gifs/oracle.gif" alt="Oracle" /><br /> Copyright © 1996, 2010, Oracle and/or its affiliates. All rights reserved.<br /> <a href="../../dcommon/html/cpyr.htm">Legal Notices</a></td> <td align="right"> <table class="icons oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="245"> <tr> <td align="center" valign="top"><a href="../../index.htm"><img width="24" height="24" src="../../dcommon/gifs/doclib.gif" alt="Go to Documentation Home" /><br /> <span class="icon">Home</span></a></td> <td align="center" valign="top"><a href="../../nav/portal_booklist.htm"><img width="24" height="24" src="../../dcommon/gifs/booklist.gif" alt="Go to Book List" /><br /> <span class="icon">Book List</span></a></td> <td align="center" valign="top"><a href="toc.htm"><img width="24" height="24" src="../../dcommon/gifs/toc.gif" alt="Go to Table of Contents" /><br /> <span class="icon">Contents</span></a></td> <td align="center" valign="top"><a href="index.htm"><img width="24" height="24" src="../../dcommon/gifs/index.gif" alt="Go to Index" /><br /> <span class="icon">Index</span></a></td> <td align="center" valign="top"><a href="../../dcommon/html/feedback.htm"><img width="24" height="24" src="../../dcommon/gifs/feedbck2.gif" alt="Go to Feedback page" /><br /> <span class="icon">Contact Us</span></a></td> </tr> </table> </td> </tr> </table> </div> <noscript> <p>Scripting on this page enhances content navigation, but does not change the content in any way.</p> </noscript> </body> </html>
Ms-Dos/Windows
Unix
Write backup
jsp File Browser version 1.2 by
www.vonloesch.de