Tall Birch

Creating a self-signed certificate that is oracle friendly got a lot easier when I discovered the orapki utility via a comment made by ‘Frank‘ here.

Simply navigate to your oracle wallet directory and type
orapki wallet create -wallet ./ -auto_login
(you will be prompted to establish a new password for this wallet)

and then type

orapki wallet add -wallet ./ -dn "CN=cname, OU=ounit, O=org, L=city, ST=state, C=country" -keysize 1024 -self_signed -validity 365
(where the dn entries are customized to your environment)

You will be prompted for the same password you set with the first command, and you are all set.

One thing we have done is changed the validity (hey, if it’s self-signed, do you care how long it lasts?) from 365 (1 year) to 7300 (roughly 20). Now my self-signed cert is set until 2028 with just two commands.