Connect Liquibase to Oracle Autonomous Database Using a Wallet
You can use a wallet to connect to an OCI Autonomous Database with Liquibase. To do this you need to download the wallet via the console or OCI CLI command, and unzip it in a known directory on your workstation.
Example:
~/oracle/wallets/adb1
You’ll need to edit two files to get Liquibase to connect:
ojdbc.properties
Comment out the oracle.net.wallet_location line:
# oracle.net.wallet_location=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=${TNS_ADMIN})))
Uncomment the lines beginning with javax.net.ssl
Add the clear text passwords for
- javax.net.ssl.trustStorePassword
- javax.net.ssl.keyStorePassword
The resulting file should look something like this:
# Connection property while using Oracle wallets.
# oracle.net.wallet_location=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=${TNS_ADMIN})))
# FOLLOW THESE STEPS FOR USING JKS
# (1) Uncomment the following properties to use JKS.
# (2) Comment out the oracle.net.wallet_location property above
# (3) Set the correct password for both trustStorePassword and keyStorePassword.
# It's the password you specified when downloading the wallet from OCI Console or the Service Console.
javax.net.ssl.trustStore=${TNS_ADMIN}/truststore.jks
javax.net.ssl.trustStorePassword=MyPassword123!
javax.net.ssl.keyStore=${TNS_ADMIN}/keystore.jks
javax.net.ssl.keyStorePassword=MyOtherPassword123!
~sqlnet.ora
Make sure that SSL_SERVER_DN_MATCH=yes
WALLET_LOCATION = (SOURCE = (METHOD = file) (METHOD_DATA = (DIRECTORY="?/network/admin")))
SSL_SERVER_DN_MATCH=yesThis takes care of the wallet configuration. Now edit the liquibase.properties file to use the wallet
url=jdbc:oracle:thin:@adbhost?TNS_ADMIN=/Users/example/oracle/wallets/adb1The next Liquibase command will now use the wallet connection to connect to the database.