I need to connect securely to my Oracle data source.
To validate that my Oracle set-up is working fine I made myself a sample JDBCjava program making a simple select and printing it out.
During this I realised the following:
a- I need to have the Oracle PKI provider declared in my java.security file of my Java set-up : security.provider.7=oracle.security.pki.OraclePKIProvider
b- I need to have 3 Oracle security specific JAR files in the class path : oraclepki.jar, osdt_cert.jar, osdt_core.jar
c- I need to update the URL to the database (TCPS instead of TCP)
d- I need to define properties : javax.net.ssl.trustStore=/path/to/my/store and javax.net.ssl.trustStoreType=SSO
With this all. my Java sample works just fine.
Now when trying to make it work on WildFly:
a- I use the same Java that with the sample (so the provider *is* set-up properly)
b- I added the JARs next to the already existing ojdbc7.jar driver in modules/com/oracle/ojdbc/main and referred to them in the module.xml file
c- I updated the URL in standalone.xml
d- I updated JAVA_OPTS in standalone.conf with the extra properties
And started the server.
This fails to connect with error:
The "SSO KeyStore not available" is mentionned in the Oracle documentation as the error that appears when the provider had not been added properly (in java.security statically, or dynamically with Security.addProvider(new
oracle.security.pki.OraclePKIProvider())) which is not the case here...
This error at least validates that my properties were taken in acocunt properly (as it understands I mean to use "SSO" keystore type).
While playing with my sample, I observer a similar error when the extra JARs were not loaded. So to verify that they *were* loaded with WildFly I corrupted the path to them in module.xml and it gave errors about missing dependencies so the JARs *are* loaded.
I do not know what more to do to solve this out...