Oracle Wallet

_Oracle Wallet

Used to set up scripts to build/add root certificates to an Oracle Wallet

add_cert.sh

#!/bin/sh
HOST=$1
WALLET=$2
PWD=$3

BUNDLE=$(openssl version -d|cut -d \" -f2)/cert.pem

# Grab all certs from a site -> Send STDERR to /dev/null
# Send STDERR to a file
# Keep just the first line from the file
# Reverse the string as "cut" cannot return the last field
# Cut the first field (the Common Name for the certificate)
# Reverse the string back to it's origin

CERT=$(echo QUIT|openssl s_client -connect ${HOST}:443 -showcerts >/dev/null 2> /tmp/mycert;head -1 /tmp/mycert|rev|cut -f1 -d=|rev|xargs)

# Grab the certificate from the certificate bundle, onle the part from BEGIN to END
sed -n "/${CERT}/,/^-----END CERTIFICATE-----$/p" ${BUNDLE} | sed -n "/^-----BEGIN CERTIFICATE-----/,/^-----END CERTIFICATE-----$/p" > /tmp/cert.txt

# Add the extracted root certificate to the Oracle Wallet
orapki wallet add -wallet ${WALLET} -trusted_cert -pwd $PWD -cert /tmp/cert.txt

# Remove work files
rm /tmp/mycert /tmp/cert.txt

mk_wallet.sh

#!/bin/sh
PWD=$(openssl rand -base64 8)
WALLET=wallet_$$

orapki wallet create -wallet ${WALLET} -pwd ${PWD} -auto_login > /dev/null

./add_cert.sh oracle.com ${WALLET} ${PWD} > /dev/null
./add_cert.sh example.com ${WALLET} ${PWD} > /dev/null

echo "Your new wallet is ${WALLET} and it has password ${PWD}."

echo 'It now contains the following.'

orapki wallet display -wallet ${WALLET}