We have a requirement for all data at rest to be encrypted. On our Exadata my folks only encrypted application table spaces.
They told me Oracle cant encrypt system table spaces, what is the method to encrypt the entire database. These are 11G & 12C database on the exadata appliance.
We purchased ASO for our appliances
Have a look,
And check the section of Limitations with TDE. Quoting from it,
Do not attempt to encrypt database internal objects such as the
TEMPtablespaces using TDE tablespace encryption. You should focus TDE tablespace encryption on tablespaces that hold application data, not on these core components of the Oracle database.
I believe it implies that though we "can", we should "not" try to use TDE with the core tablespaces. So now, question for you, why you want to encrypt the core tablespaces in the first place?
I have multiple client using TDE on Exadata to satisfy DATA AT REST requirement , you don't have to encrypt system tablespace for this requirement , just application table spaces.
Make sure you don't store any application objects in non-application tablespaces.