I would like to establish wallets as standard practice in our shop. I've had success running a few things with wallets, and as I prepare to roll this out, I realize there is a mystery that I can't solve, and would love some input.
Oracle is finding and using my wallet, but I never specified a WALLET_LOCATION= in my tnsnames.ora. I'm not storing my wallet in a standard, recognized location, so how does it know where it is located? I don't mind adding a WALLET_LOCATION, but I should understand this better when recommending this as our standard.
It's odd: I set TNS_ADMIN to $HOME, so that my .tnsnames.ora file can be found, and my $HOME/.tnsnames.ora uses IFILE to include a global tnsnames file. But neither file contains a WALLET_LOCATION directive. TNS_ADMIN is definitely being used: if I don't set TNS_ADMIN, or if I point it to the wallet directory, connections fail.
How I created the wallet
WALLETDIR=$HOME/my/walletdir
orapki wallet create -wallet $WALLETDIR -auto_login_only
mkstore -wrl $WALLETDIR -create
mkstore -wrl $WALLETDIR -createCredential myDB myUID myPW
How I use the wallet
export TNS_ADMIN=$HOME
sqlplus /@DB
Content of $HOME/.tnsnames.ora
myDB= (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = x.y.com)(PORT = 1521))
(CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = zz))
)
#Include the system-wide common file
IFILE=/filesystem1/comm/global/tnsnames.ora
Content of /filesystem1/comm/global/tnsnames.ora
SQLNET.WALLET_OVERRIDE = TRUE
TNSXX = ...