Next, I imported the keys from the files copied as per MOS note 2254960.1, but still I saw the same “OPEN_NO_MASTER_KEY” status on the data dictionary. OPEN_NO_MASTER_KEY PASSWORD SINGLE UNDEFINEDģ. SQL> ADMINISTER KEY MANAGEMENT SET KEYSTORE OPEN IDENTIFIED BY “” SQL> ADMINISTER KEY MANAGEMENT CREATE KEYSTORE ‘/etc/oracle/WALLETS/Test’ IDENTIFIED BY “” SQL> select key_id,activation_time from v$encryption_keys I then started the database instance and created the dummy keystore using the new syntax. I brought down my database and removed the keys from “/etc/oracle/WALLETS/Test/” location. I confirmed my existing TDE keys work fine.Ģ. First, I copied my existing keys into “/home/oracle/keys” location as a backup. After doing multiple tests, I was able to get this method working.ġ. I checked MOS and surprisingly, no direct notes to fulfill this purpose. I wanted to use the new unified key management on this upgraded database. No issues were found while accessing the encrypted segments using the old keys with autologin option existing on the “/etc/oracle/WALLETS/Test/” location on the server. I upgraded this database into version 12.1.0.2 without any issues using the above note. I had a test database which was running on RDBMS 11.2.0.4 version along with TDE configured (segments located in dedicated tablespace created with encryption clause). Complete Checklist for Manual Upgrades to Oracle Database 12c Release 1 (12.1) (Doc ID 1503653.1) As a proof, I didn’t see any pre-reqs that exists on TDE part in the following upgrade related MOS note. When reviewing the new unified key management in RDMS 12c, I came across old commands like ‘ALTER SYSTEM’ to manage the TDE keys that are still supported. I’m really excited to be writing this post and I’m hoping it serves as helpful content.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |