DBA Hub

📋Steps in this guide1/4

How to create encrypted tablespace in PDB( oracle 12c) - DBACLASS DBACLASS

For creating an encrypted tablespace in a PLUGGABLE DATABASE ( PDB) for multitenant oracle 12c setup, we need to do a few additional steps. DEMO: In the below DEMO, we will create a encrypted tablespace under a pluggable database SDCP1 1. Update sqlnet.ora file with ENCRYPTION_WALLET_LOCATION cat sqlnet.ora # sqlnet.ora Network Configuration File: /export/home/oracle/product/12c/product/12.2.0/dbh

oracle clusteringintermediate
by OracleDba
12 views
1

Overview

For creating an encrypted tablespace in a PLUGGABLE DATABASE ( PDB) for multitenant oracle 12c setup, we need to do a few additional steps. In the below DEMO, we will create a encrypted tablespace under a pluggable database SDCP1 1. Update sqlnet.ora file with ENCRYPTION_WALLET_LOCATION 2. Set encryption key at container DB:

Code/Command (click line numbers to comment):

1
2
3
4
5
6
7
8
9
10
11
12
cat sqlnet.ora

# sqlnet.ora Network Configuration File: /export/home/oracle/product/12c/product/12.2.0/dbhome_1/network/admin/sqlnet.ora
# Generated by Oracle configuration tools.

NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)

ENCRYPTION_WALLET_LOCATION =
  (source =
    (method = file)
    (method_data =
      (directory = /export/home/oracle/product/12c/product/12.2.0/dbhome_1/network/admin)))
2

Section 2

3. Take the backup of the created keystore. Always create a backup of the keystore , before doing any changes.

Code/Command (click line numbers to comment):

1
2
3
4
5
6
7
8
9
10
11
12
13
SQL> show con_name

CON_NAME
------------------------------
CDB$ROOT
SQL>
SQL> alter system set encryption key identified by "password123";

System altered.

SQL> administer key management backup keystore identified by "password123";

keystore altered.
3

Section 3

4. Now set the keystore in the pluggable database(PDB). In our case, SDC1 is a pluggable db. 5. Create the encrypted tablespace:

Code/Command (click line numbers to comment):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
SQL> alter session set container=SDCP1;

Session altered.


SQL> administer key management set keystore open identified by "password123";

keystore altered.

SQL> administer key management set key identified by "password123";

keystore altered.


SQL> select con_id,STATUS from V$ENCRYPTION_WALLET;

    CON_ID STATUS
---------- ------------------------------
         3 OPEN
4

Section 4

We have successfully created an encrypted tablespace in the PDB.

Code/Command (click line numbers to comment):

1
2
3
4
5
6
7
8
9
10
SQL> create tablespace ENCRYPT_TS datafile '/export/home/oracle/product/12c/oradata/ORA12CR2/SDCP1/encryp_ts1.dbf' size 1G encryption default storage(encrypt);

Tablespace created.

  
  SQL> select TABLESPACE_NAME,ENCRYPTED from dba_tablespaces where tablespace_name='ENCRYPT_TS';

TABLESPACE_NAME                ENC
------------------------------ ---
ENCRYPT_TS                     YES

Comments (0)

Please to add comments

No comments yet. Be the first to comment!