[oracle@ogg ~]$ adminclient Oracle GoldenGate Administration Client for Oracle Version 19.1.0.0.200714 OGGCORE_19.1.0.0.0OGGBP_PLATFORMS_200628.2141 Copyright (C) 1995, 2019, Oracle and/or its affiliates. All rights
reserved. Linux, x64, 64bit (optimized) on Jun 29 2020 08:15:41 Operating system character set identified as UTF-8. OGG (not connected) 1> connect https://ogg:9001 as admin ERROR: Network error - Certificate validation error OGG (not connected) 4> exit [oracle@ogg ~]$ export
OGG_CLIENT_TLS_CAPATH=/home/oracle/wallet_dir/rootCA_Cert.pem [oracle@ogg ~]$ adminclient Oracle GoldenGate Administration Client for Oracle Version 19.1.0.0.200714 OGGCORE_19.1.0.0.0OGGBP_PLATFORMS_200628.2141 Copyright (C) 1995, 2019, Oracle and/or its affiliates. All rights
reserved. Linux, x64, 64bit (optimized) on Jun 29 2020 08:15:41 Operating system character set identified as UTF-8. OGG (not connected) 1> connect https://ogg:9001 as admin Password for 'admin' at 'https://ogg:9001': Using default deployment 'oggma_first' OGG (https://ogg:9001 oggma_first) 2> info all Program Status Group Type Lag at Chkpt Time Since Chkpt ADMINSRVR RUNNING DISTSRVR RUNNING PMSRVR DISABLED RECVSRVR RUNNING OGG (https://ogg:9001 oggma_first) 3> |
Sunday, August 2, 2020
Setup Certificates used for OGG MA Lab
# Environment variables set before creating the certs and run oggca.sh
export JAVA_HOME=/usr/java/jdk1.8.0_251-amd64
export OGG_HOME=/u01/ogg/oggma
export ORACLE_HOME=/u01/db
export ORACLE_BASE=/u01/app/oracle
export PATH=$ORACLE_HOME/bin:$OGG_HOME/bin:$PATH
export ORACLE_SID=orcl
export OGG_ETC_HOME=/u01/ogg/oggma_first/etc
export OGG_VAR_HOME=/u01/ogg/oggma_first/var
export OGG_CLIENT_TLS_CAPATH=/home/oracle/wallet_dir/rootCA_Cert.pem
# root certificates Wallet
[oracle@ogg ~]$ mkdir /home/oracle/wallet_dir
[oracle@ogg ~]$ orapki wallet create -wallet /home/oracle/wallet_dir/root_ca -auto_login -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet add -wallet /home/oracle/wallet_dir/root_ca -dn "CN=RootCA" -keysize 2048 -self_signed -validity 7300 -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet export -wallet /home/oracle/wallet_dir/root_ca -dn "CN=RootCA" -cert /home/oracle/wallet_dir/rootCA_Cert.pem -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
# Server certificates Wallet
[oracle@ogg ~]$ hostname -f
ogg
[oracle@ogg ~]$ orapki wallet create -wallet /home/oracle/wallet_dir/ogg -auto_login -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet add -wallet /home/oracle/wallet_dir/ogg -dn "CN=ogg" -keysize 2048 -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet export -wallet /home/oracle/wallet_dir/ogg -dn "CN=ogg" -request /home/oracle/wallet_dir/ogg_request.pem -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
# 20 is a uniqie number
[oracle@ogg ~]$ orapki cert create -wallet /home/oracle/wallet_dir/root_ca -request /home/oracle/wallet_dir/ogg_request.pem -cert /home/oracle/wallet_dir/ogg_Cert.pem -serial_num 20 -validity 365 -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet add -wallet /home/oracle/wallet_dir/ogg -trusted_cert -cert /home/oracle/wallet_dir/rootCA_Cert.pem -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet add -wallet /home/oracle/wallet_dir/ogg -user_cert -cert /home/oracle/wallet_dir/ogg_Cert.pem -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
# Distribution Server User certificates Wallet
[oracle@ogg ~]$ orapki wallet create -wallet /home/oracle/wallet_dir/dist_client -auto_login -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet add -wallet /home/oracle/wallet_dir/dist_client -dn "CN=ogg" -keysize 2048 -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet export -wallet /home/oracle/wallet_dir/dist_client -dn "CN=ogg" -request /home/oracle/wallet_dir/dist_client_request.pem -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki cert create -wallet /home/oracle/wallet_dir/root_ca -request /home/oracle/wallet_dir/dist_client_request.pem -cert /home/oracle/wallet_dir/dist_client_Cert.pem -serial_num 30 -validity 365 -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet add -wallet /home/oracle/wallet_dir/dist_client -trusted_cert -cert /home/oracle/wallet_dir/rootCA_Cert.pem -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet add -wallet /home/oracle/wallet_dir/dist_client -user_cert -cert /home/oracle/wallet_dir/dist_client_Cert.pem -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Operation is successfully completed.
[oracle@ogg ~]$ orapki wallet display -wallet /home/oracle/wallet_dir/root_ca -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Requested Certificates:
User Certificates:
Subject: CN=RootCA
Trusted Certificates:
Subject: CN=RootCA
[oracle@ogg ~]$ orapki wallet display -wallet /home/oracle/wallet_dir/ogg -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Requested Certificates:
User Certificates:
Subject: CN=ogg
Trusted Certificates:
Subject: CN=RootCA
[oracle@ogg ~]$ orapki wallet display -wallet /home/oracle/wallet_dir/dist_client -pwd myComplexPassword123
Oracle PKI Tool Release 21.0.0.0.0 - Production
Version 21.0.0.0.0
Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
Requested Certificates:
User Certificates:
Subject: CN=ogg
Trusted Certificates:
Subject: CN=RootCA
Subscribe to:
Post Comments (Atom)
thank you very much useful article...
ReplyDelete- Satya
https://satya-dba.blogspot.com/2021/10/ogg-admin-client-adminclient.html