My Oracle Support Banner

Ava.cer And Avs.cer Are Not Updated After Rotating of AVS Certificates (Doc ID 3064444.1)

Last updated on JANUARY 24, 2025

Applies to:

Oracle Audit Vault and Database Firewall - Version 20.9.0.0.0 and later
Information in this document applies to any platform.

Symptoms

A following documentation is guiding to verify certification files at step 8 in "3.7.3 Rotating Audit Vault Server Certificates".

https://docs.oracle.com/en/database/oracle/audit-vault-database-firewall/20/sigad/security_guidelines.html#GUID-3978C1CD-11E7-4CAD-B48D-9F6C1F734954

Oracle® Audit Vault and Database Firewall Administrator's Guide Release 20
3 General Security Guidelines
3.7.3 Rotating Audit Vault Server Certificates

Oracle AVDF 20.9 and 20.10 Standalone

8. Verify that the local and peer certificates are valid.
Verify the following local certificates:

- /usr/local/dbfw/etc/ca.crt
- /etc/pki/tls/certs/localhost_internal.crt
- /usr/local/dbfw/etc/cert.crt
- /usr/local/dbfw/etc/avs/avs_apex_client.crt
- /usr/local/dbfw/etc/avs/avswallet
- /etc/pki/tls/certs/localhost.crt

Verify the following peer certificates:

- /usr/local/dbfw/etc/avs/fwcerts/fw-[ip].cert
- /usr/local/dbfw/etc/ha_partner.crt
- /var/lib/oracle/dbfw/av/conf/ava.cer <<<<<<<<<< here
- /var/lib/oracle/dbfw/av/conf/avs.cer <<<<<<<<<< here


However, /var/lib/oracle/dbfw/av/conf/ava.cer and /var/lib/oracle/dbfw/av/conf/avs.cer are not updated after the rotation of AVS certification.

 

 

 

Changes

Rotating Audit Vault Server Certificates

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.