This discussion is archived
1 Reply Latest reply: Oct 1, 2013 1:37 AM by DK2010 RSS

TDE Wallets & Multiple Databases on same Host

dba69 Explorer
Currently Being Moderated

The Oracle TDE Best Practices (doc ID 130696) states this:

 


Multiple databases on the same host

 

If there are multiple Oracle Databases installed on the same server, they
must access their own individual TDE wallet. Sharing the same wallet between independent instances is not supported
and can potentially lead to the loss of encrypted data.

 

If the databases share the same ORACLE_HOME, they also share the same
sqlnet.ora file in $TNS_ADMIN . In order to access their individual wallet, the
DIRECTORY entry for the ENCRYPTION_WALLET_LOCATION
needs to point each database to its own wallet location:
DIRECTORY= /etc/ORACLE/WALLETS/$ORACLE_UNQNAME
The names of the subdirectories under /etc/ORACLE/WALLETS/ reflect
the ORACLE_UNQNAME names of the individual databases.

 

If the databases do not share the same ORACLE_HOME, they will also have their individual sqlnet.ora
files that have to point to the individual subdirectories.

 


What is the correct sqlnet.ora syntax to do this?  I currently have what is below but it doesn't seem to be correct:
ENCRYPTION_WALLET_LOCATION =
  (SOURCE = (METHOD = FILE)
  (METHOD_DATA =
  (DIRECTORY = /local/oracle/admin/wallet/DB#1)
  (DIRECTORY = /local/oracle/admin/wallet/DB#2)
  )
  )

  • 1. Re: TDE Wallets & Multiple Databases on same Host
    DK2010 Guru
    Currently Being Moderated

    Hi,

     

     

    You can check this :Setting ENCRYPTION_WALLET_LOCATION For Wallets Of Multiple Instances Sharing The Same Oracle Home (Doc ID 1504783.1)

    i haven't done this for multiple database, but as per Doc you can use the syntex like

     

     

    ENCRYPTION_WALLET_LOCATION =

      (SOURCE = (METHOD = FILE)

      (METHOD_DATA =

      (DIRECTORY = /local/oracle/admin/wallet/$ORACLE_UNQNAME)

      )

      )

     

     

    Whenever you set the Environmnet with

    export $ORACLE_UNQNAME=DB#1 

    it will choose the file from respective directory like  /local/oracle/admin/wallet/DB#1

     

    HTH

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points