modify an oracle non auto login wallet to an auto open wallet

March 15, 2014

as soon as one wants to use encryption, oracle needs a wallet to be created. when using orapki to create the wallet there is an option “-auto_login” that can be used to let the database open the wallet automatically at each startup. there seems to be a misunderstanding that you cannot change this after the wallet was created. let’s see:

orapki wallet create -wallet . -pwd "blabla1234"
Oracle PKI Tool : Version 12.1.0.1
Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.

dbs300@oel6.lcsys.ch lcsdb:/oradata/dbs300/wallet $ ls -la
total 12
drwxr-x---  2 lcsdb lcsi 4096 11. Nov 22:54 ./
drwxr-x--- 12 lcsdb lcsi 4096 11. Nov 16:03 ../
-rw-------  1 lcsdb lcsi 2856 11. Nov 22:54 ewallet.p12
-rw-------  1 lcsdb lcsi    0 11. Nov 22:54 ewallet.p12.lck

this created the wallet without the “-auto_login” option, so the wallet password has to be provided after each database restart. here is what orapki prints as its help:

orapki wallet -h
Oracle PKI Tool : Version 12.1.0.1
Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.

Invalid command: -h
wallet:
create [-wallet [wallet]] [[-pwd ] [-auto_login|-auto_login_local]] | [-auto_login_only]
display [-wallet [wallet]]  [-pwd ]
change_pwd [-wallet [wallet]] [-oldpwd ] [-newpwd ]
add [-wallet [wallet]]   
     <-self_signed [-validity [days]] | [-valid_from [mm/dd/yyyy] -valid_until [mm/dd/yyyy]]
                   [-serial_file ] | [-serial_num ]> 
                    
      [-pwd ] | [-auto_login_only]
                   [-sign_alg ]
remove [-wallet [wallet]] [-dn [dn]] [-trusted_cert_all|-trusted_cert|-user_cert|-cert_req]
     [-pwd ] | [-auto_login_only]
export [-wallet [wallet]] [-dn [dn]] [-cert [filename] | -request [filename]] [-pwd ]
export_trust_chain [-wallet [wallet]] [-certchain [filename]] [-dn [user_cert_dn]] [-pwd ]
upload [-wallet [wallet]] [-ldap [host:port]] [-user [user]] [-userpwd [userpwd]] [-pwd ]
download [-wallet [wallet]] [-ldap [host:nonsslport]] [-user [user]] [-userpwd [userpwd]] [-pwd ]
jks_to_pkcs12 [-wallet [wallet]] [-pwd ] [-keystore [keystore]] [-jkspwd [jkspwd]]
     
pkcs12_to_jks [-wallet [wallet]] [-pwd ] [-jksKeyStoreLoc  -jksKeyStorepwd ]
     [-jksTrustStoreLoc  -jksTrustStorepwd ]
p11_add [-wallet [wallet]] [-p11_lib ] [-p11_tokenlabel ]
     [-p11_tokenpw ] [-p11_certlabel ] [-pwd ]
p11_verify [-wallet [wallet]] [-pwd ]
help

it really seems that you can only provide the “-auto_login” option while creating the wallet, but not afterwards. well, this is an example of misleading syntax: you actually can change the option by running “orapki wallet create” again with “-auto_login”, without destroying the original wallet:

orapki wallet create -wallet . -pwd "blabla1234" -auto_login
Oracle PKI Tool : Version 12.1.0.1
Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.

dbs300@oel6.lcsys.ch lcsdb:/oradata/dbs300/wallet $ ls -la
total 16
drwxr-x---  2 lcsdb lcsi 4096 11. Nov 22:55 ./
drwxr-x--- 12 lcsdb lcsi 4096 11. Nov 16:03 ../
-rw-------  1 lcsdb lcsi 2901 11. Nov 22:55 cwallet.sso
-rw-------  1 lcsdb lcsi    0 11. Nov 22:55 cwallet.sso.lck
-rw-------  1 lcsdb lcsi 2856 11. Nov 22:54 ewallet.p12
-rw-------  1 lcsdb lcsi    0 11. Nov 22:54 ewallet.p12.lck

a better orapki help or a better syntax might not be too bad :)
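
a check to run after the change above, as an added example that is not part of the original post: it classifies a wallet directory by the files seen in the listings (only ewallet.p12 means the password is needed, a cwallet.sso means the wallet opens without one) and lists wallet files that have any group/other permission bit set. the function names are made up for this example, and file presence cannot tell “-auto_login” from “-auto_login_local”, since both leave a cwallet.sso.

```sh
#!/bin/sh
# Added example (not from the post): inspect an Oracle wallet directory.
# File names are the ones shown in the listings; function names are made up here.

# wallet_mode DIR: which open mode do the files in DIR imply?
wallet_mode() {
    if [ -f "$1/ewallet.p12" ] && [ -f "$1/cwallet.sso" ]; then
        echo auto_login          # created with -auto_login or -auto_login_local
    elif [ -f "$1/cwallet.sso" ]; then
        echo auto_login_only     # SSO file without a password-protected wallet
    elif [ -f "$1/ewallet.p12" ]; then
        echo password            # password needed on every open
    else
        echo none
    fi
}

# loose_wallet_files DIR: wallet files with any group/other permission bit set.
loose_wallet_files() {
    for f in "$1/ewallet.p12" "$1/cwallet.sso"; do
        [ -f "$f" ] || continue
        bits=$(ls -ld "$f" | cut -c5-10)   # group+other part of e.g. -rw-------
        [ "$bits" = "------" ] || echo "$f"
    done
}

# wallet_report DIR: print findings; return 1 if any wallet file is too open.
wallet_report() {
    echo "$1: $(wallet_mode "$1")"
    loose=$(loose_wallet_files "$1")
    [ -z "$loose" ] && return 0
    echo "$loose" | sed 's/^/  group\/other bits set: /'
    return 1
}

# Run against a directory given on the command line, e.g. ./check.sh /path/to/wallet
if [ $# -gt 0 ]; then
    wallet_report "$1"
fi
```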

8 responses to modify an oracle non auto login wallet to an auto open wallet

  1. 

    Thanks a lot. The article helped me.

  2. 

    thanks for your help… it worked!

  3. 

    will disturb other DBs running from the same ORACLE_HOME

  4. 

    I cannot seem to use the cwallet.sso if I use the utl_http.set_wallet (‘file:<wallet_location'). Is there a way to access the cwallet.sso in this utl_http method?

  5. 

    The clue is to use mkstore -wrl your\wallet\location -createSSO and then restart the listener to add the “auto_login” feature afterwards
