Forum Stats

  • 3,741,445 Users
  • 2,248,430 Discussions


How to set keystore location for multiple databases on same host 12.1

SaumilP Member Posts: 11
edited Jul 3, 2019 3:13AM in Database Security - General

Hi all,

I want to know which is the best way to configure keystore location for multiple databases on same host. ( DB version : 12.1 )

I have two node RAC and eight instances are up and running on same host. I gone through couple of oracle docs, but getting confused.

I refer : Design and Deployment Techniques  and  this doc, in this they said that I have to add entry in sqlnet.ora file.

Yes, we know it is best practice to place the keystore on ACFS/NFS/ASM. But in my case I have to place it in local file system.

Example: Configuring a Software Keystore When Multiple Databases Share the sqlnet.ora File

You can configure multiple databases to share the sqlnet.ora file.

The following example shows how to configure a software keystore location when multiple databases share the sqlnet.ora file.


So, the question is

1) what the best way to add $ORACLE_SID entry in sqlnet.ora file or I have to set $ORACLE_UNIQUENAME in place of $ORACLE_SID ??

2) If I am setting $ORACLE_SID in sqlnet.ora file then whenever the server of db restarted then how it can automatically pick the correct wallet. ( we have created different directory for each instance , like : /u01/app/oracle/admin/wallet/INSTANCE1/ etc..)

3) Should I have to also set  $ORACLE_SID/ $ORACLE_UNIQUENAME  in .bash_profile, If yes then what value I have to set means for all instances value I have to set ?

4) Can anyone explain what does mean of below step ?

Configuring the sqlnet.ora File for a Software Keystore Location

Use the sqlnet.ora file to configure the keystore location for a regular file system, for multiple database access, and for use with Oracle Automatic Storage Management (ASM).

To create a software keystore on a regular file system, use the following format when you edit the sqlnet.ora file:


If the path_to_keystore will contain an environment variable, then set this variable in the environment where the database instance is started and before you start the database. If you are using the srvctl utility to start the database, then set the environment variable in the srvctl environment as well, using the following command:

srvctl setenv database -db database_name -env "environment_variable_name=environment_variable_value" 



  • Gaurav Kamal - Oracle-Oracle
    Gaurav Kamal - Oracle-Oracle Member Posts: 27
    edited Jul 3, 2019 3:13AM

    You can use either ORACLE_SID or ORACLE_UNQNAME to point the TDE wallet in the database specific location.

    For RAC, you will need to define the ORACLE_UNQNAME in the srvctl utility.

    Once Set in the srvctl, bounce the DB using srvctl to reflect that.

    Check the below document for the RAC TDE setup

    Managing TDE Wallets in a RAC Environment (Doc ID 567287.1)

Sign In or Register to comment.