"Some Trusted Certificates Could Not be Installed" - Unable to Import Trusted Certificate into Oracle Wallet (Doc ID 760453.1)

Last updated on JUNE 14, 2016

Applies to:

Oracle Fusion Middleware - Version 10.1.2.0.0 to 10.1.4.3.0 [Release AS10gR2 to AS10gR3]
Oracle HTTP Server - Version 10.1.2.0.0 to 10.1.3.5.0 [Release AS10gR2 to AS10gR3]
Oracle Security Service - Version 10.1.0.4 to 10.2.0.5 [Release 10.1 to 10.2]
Information in this document applies to any platform.
Oracle Application Server 10g Release 3 - Version: 10.1.2.0.0 to 10.1.3.5.0
Oracle Identity Management 10g Release 3 - Version: 10.1.4.0.1 to 10.1.4.3.0
***Checked for relevance on 14-Jan-2015***


Symptoms

 

There is an issue importing a trusted CA(Certificate Authority) certificate in to Oracle Wallet using OWM (Oracle Wallet Manager), ssl2ossl, or orapki command line utilities. The errors seen as follows:

Some trusted certificate could not be installed.

or

Couldn't generate valid wallet, error = 28750!



Investigation of this issue reveals the following points:

 

1. This is seen on all OWM versions from the following Oracle products:

2. OWM from Oracle Database 11g is able to successfully import this certificate.

3. orapki displays certificate successfully, however it fails while importing the certificate into wallet.

4. openssl is able to view the certificate.

5. mkwallet fails to display the certificate as in following example:


$ $ORACLE_HOME/bin/mkwallet -q ./AC_Certisign_G3_64.cer

Oracle Wallet Commandline Tool for Linux: Version 9.0.0.0.0 - Production on 03-DEC-2008 10:51:49

Copyright (c) 1999 Oracle. All rights reserved.

Failed to retrieve certificate

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms