Oracle.ManagedDataAccess to AWS RDS DB - TCPS: Invalid SSL Wallet (Magic)

Question

I am trying to connect to a Amazon RDS instance via the Oracle.ManagedDataAccess Nuget package using a SSL certificate.

I can connect successfully via SQL*Plus using

Answer 1

Turns out that the wallet file generated by orapki isn't appropriate here.

The solution is to use the Windows Certificate Store instead to hold the RDS Certificate Authority instead.

In this case you download the PKCS7 file for RDS from AWS and import that into your Trusted Root Certification Authorities in Windows.

Then you change your app.config to set your wallet location to be the Microsoft Certificate Store like this:

<oracle.manageddataaccess.client>
    <version number="*">
      <settings>
        <setting name = "WALLET_LOCATION" value="(SOURCE=(METHOD =MCS)) "/>
      </settings>
    </version>
</oracle.manageddataaccess.client>

And then everything works as expected.