日期:2014-05-16  浏览次数:20650 次

Oracle wallet 配置 说明


 

 

一.官网对Wallet的说明

http://docs.oracle.com/cd/E11882_01/network.112/e10746/asowalet.htm

 

Security administratorsuse Oracle Wallet Manager to manage public key security credentials on Oracleclients and servers. The wallets it creates can be read by Oracle Database,Oracle Application Server 10g, and the Oracle Identity Managementinfrastructure.

 

Oracle WalletManager is an application that wallet owners use to manage and edit thesecurity credentials in their Oracle wallets. A wallet is a password-protectedcontainer used to store authentication and signing credentials, includingprivate keys, certificates, and trusted certificates needed by SSL. 

 

 

1.1 Oracle Manager 特性

 

Oracle Wallet Manager provides thefollowing features:

WalletPassword Management

StrongWallet Encryption

MicrosoftWindows Registry Wallet Storage

BackwardCompatibility

Public-KeyCryptography Standards (PKCS) Support

MultipleCertificate Support

LDAPDirectory Support

 

1.1.1 Wallet Password Management

Oracle walletsare password protected. Oracle Wallet Manager includes an enhanced walletpassword management module that enforces Password Management Policy guidelines,including the following:

(1)  Minimum password length (8 characters)

(2)  Maximum password length unlimited

(3)  Alphanumeric character mix required

 

Oracle wallets对密码的保护,包含对密码强度的管理:

1. 最少8个字符;

2.密码长度没有最大限制;

3.密码必须是字母和字数的组合。

 

 

1.1.2 Strong Wallet Encryption

Oracle WalletManager stores private keys associated with X.509 certificates and usesTriple-DES encryption.

--Oracle Wallet Manager 使用X.509 认证和Triple-DES 加密来存储private key。

 

1.1.3 Microsoft Windows RegistryWallet Storage

Oracle WalletManager lets you store multiple Oracle wallets in a Windows file managementsystem or in the user profile area of the Microsoft Windows system registry.Storing your wallets in the registry provides the following benefits:

(1)Better Access Control: Wallets stored in the user profile area of the registry areonly accessible by the associated user. User access controls for the systemthus become, by extension, access controls for the wallets. In addition, when auser logs out of a system, access to that user's wallets is effectivelyprecluded.

(2)EasierAdministration: Wallets are associated withspecific user profiles, so no file permissions need to be managed, and thewallets stored in the profile are automatically deleted when the user profileis deleted. You can use Oracle Wallet Manager to create and manage the walletsin the registry.

 

1.1.4 Backward Compatibility

Oracle Wallet Manager isbackward-compatible to Release 8.1.7.

--Oracle Wallet Manager 兼容性支持到8.1.7.

 

1.1.5 Public-Key CryptographyStandards (PKCS) Support

RSALaboratories, a division of RSA Security, Inc., has developed, in cooperationwith representatives from industry, academia, and government, a family of basiccryptography standards called Public-Key Cryptography Standards, or PKCS forshort. These standards establish interoperabi