I’ve been building a test environment using Docker for sometime (over and over), to validate some items within Oracle GoldenGate Microservices (current release as of writing – 19.1.0.0.1). Part of setting Oracle GoldenGate Microservices is to make the environment secure by using certificates. Per Oracle documentation, you can use Self-Signed Certificates for testing purposes (more on that in this post).
In my testing, I have built an Oracle GoldenGate 19c Microservices configuraiton with two deployments (Atlanta and New York). I can access the ServiceManager and login to the associated HTML5 pages with no problem. When I went to run items from the command line (adminclient), I wouldn’t login to the ServiceManager/Deployment due to a Network Error.
$ sh ./adminclient.sh
Oracle GoldenGate Administration Client for Oracle Version 19.1.0.0.1 OGGCORE_19.1.0.0.0_PLATFORMS_190524.2201
Copyright (C) 1995, 2019, Oracle and/or its affiliates.
All rights reserved. Linux, x64, 64bit (optimized) on May 25 2019 02:00:23
Operating system character set identified as US-ASCII.
OGG (not connected) 1> connect https://ogg19c:16000 deployment NewYork as oggadmin password ********
ERROR: Network error – Certificate validation error
OGG (not connected) 2> exit
This got me thinking and started to ask some questions internally. Which lead me to a new envionrment parameter. This enviornment variable is OGG_CLIENT_TLS_CAPATH. The OGG_CLIENT_TLS_CAPATH variable is used to specify the root certificate athority needed to login to the ServiceManager/Deployment that has been secured using the certificate … in my case, my Self-Signed Certs.
After setting the enviornment variable OGG_CLIENT_TLS_CAPATH, I can now login to the AdminClient as expected.
$ export OGG_CLIENT_TLS_CAPATH=/home/oracle/wallet/Root_CA.pem
$ sh ./adminclient.sh
Oracle GoldenGate Administration Client for Oracle Version 19.1.0.0.1
OGGCORE_19.1.0.0.0_PLATFORMS_190524.2201
Copyright (C) 1995, 2019, Oracle and/or its affiliates.
All rights reserved. Linux, x64, 64bit (optimized) on May 25 2019 02:00:23
Operating system character set identified as US-ASCII.
OGG (not connected) 1> connect https://ogg19c:16000 deployment NewYork as oggadmin password ********
OGG (https://ogg19c:16000 NewYork) 2>
I found this quite helpful.
Enjoy!!!!
Please follow and like:
Current Oracle Certs
Bobby Curtis
I’m Bobby Curtis and I’m just your normal average guy who has been working in the technology field for awhile (started when I was 18 with the US Army). The goal of this blog has changed a bit over the years. Initially, it was a general blog where I wrote thoughts down. Then it changed to focus on the Oracle Database, Oracle Enterprise Manager, and eventually Oracle GoldenGate.
If you want to follow me on a more timely manner, I can be followed on twitter at @dbasolved or on LinkedIn under “Bobby Curtis MBA”.
Follow if you like:
Can you be more specific about the content of your article? After reading it, I still have some doubts. Hope you can help me.