Re: Is there a way to extract the primary key from Oracle wallet?

From: Vladimir M. Zakharychev <>
Date: Thu, 11 Dec 2008 03:07:12 -0800 (PST)
Message-ID: <>

On Dec 10, 8:50 am, Charles <> wrote:
> the password is of the wallet.
> When I use 'Oracle wallet manager' and input password, I only can see
> the wallet tree and some trusted certificates.
> this tool also provide the way to "convert your Oracle Wallet to store
> private keys on a smart card rather than on disk"
> But what should I do if I want to get the private keys directly? the
> wallet file "ewallet.p12" is binary file. there are no available info
> about the private keys.
> Is there someone hack this? please share with me. thanks. :)

You should also see your own certificate in the tree. If you have one, you can use Operations -> Export Wallet... command in the menu to export your wallet, including private key. However, OWM does not allow exporting wallets with no certificates (this includes wallets with certificate requests only.)

Not all is lost in this case though: Oracle wallets are standard PKCS#12 containers, which are universally supported. Try opening your .P12 file with OpenSSL like this:

openssl pkcs12 -in ewallet.p12 >wallet.pem

This should import the wallet and dump its contents in PEM format (OpenSSL will ask you to set new private key password when it will come to exporting it, you may want to add -nodes argument so that OpenSSL does not encrypt the exported PK.)


   Vladimir M. Zakharychev
   N-Networks, makers of Dynamic PSP(tm) Received on Thu Dec 11 2008 - 05:07:12 CST

Original text of this message