Oracle database with SSL using Java Keystore

I'm looking for guidance on steps to configure an Oracle 12c database to use SSL with JKS. I found a tutorial which was very clear on steps, however, this ended up being for oracle wallets which my client side does not support.

This is simply a test environment so making it simple I'm trying to just use self signed certs. I was able to create a keystore and export a certificate using these commands.

keytool -genkey -alias oraclekeystore -keyalg RSA -keypass xxx -storepass xxx -keystore KeyStore.jks -keysize 2048 -validity 1461

keytool -export -keystore KeyStore.jks -alias oraclekeystore -file client.cer

And I would use a command similar to below to import on client side with the exception the keystore may already exist but this is the command I found to do the import

sudo keytool -import -trustcacerts -keystore "/usr/lib/jvm/java-8-openjdk-i386/jre/lib/security/cacerts" -storepass xxx -noprompt -alias oraclekeystore -file "client.cer"

Now the next part on how to configure the database to accept connections using TLS with this keystore/cert is where I'm stuck. I see when using a wallet we would add some configs to sqlnet.ora file

WALLET_LOCATION =
   (SOURCE =
     (METHOD = FILE)
     (METHOD_DATA =
       (DIRECTORY = /u01/app/oracle/wallet)
     )
   )

SQLNET.AUTHENTICATION_SERVICES = (TCPS,NTS,BEQ)
SSL_CLIENT_AUTHENTICATION = FALSE
SSL_CIPHER_SUITES = (SSL_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA)

And set the listener up by stopping the listener, updating listener.ora and starting it again.

SSL_CLIENT_AUTHENTICATION = FALSE

WALLET_LOCATION =
  (SOURCE =
    (METHOD = FILE)
    (METHOD_DATA =
      (DIRECTORY = /u01/app/oracle/wallet)
    )
  )

LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = TCP)(HOST = ol7-121.localdomain)(PORT = 1521))
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
      (ADDRESS = (PROTOCOL = TCPS)(HOST = ol7-121.localdomain)(PORT = 2484))
    )
  )

ADR_BASE_LISTENER = /u01/app/oracle

However, I'm unsure how to do this using a JKS and self signed cert without Oracle wallets. Does anyone have experience with this or have set up this scenario? Or any resources which may help to configure the server in this scenario?

Thank you!

How many English words
do you know?
Test your English vocabulary size, and measure
how many words do you know
Online Test
Powered by Examplum