RE: TDE Wallet Management Question
Date: Fri, 10 Oct 2014 15:12:07 +0000
Message-ID: <85D44D05C4C24C40AFDED6C1FC0E1BDF3F62E10B_at_SNSLCVWEXCH02.abl.cda.navy.mil>
I don't know if this is still true but I used to have problems with the wallet being used in the default location. "It" actually truncated the password to eight characters. If you move it out of the default location you could get more reasonable behavior out of the password you used on the wallet. I don't think it liked special characters either. I never could figure out what the location had to do with it.
-----Original Message-----
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Uzzell, Stephan
Sent: Friday, October 10, 2014 10:29 AM
To: 'james.clarence.allen_at_census.gov'; Oracle-L_at_freelists.org
Cc: Uzzell, Stephan
Subject: RE: TDE Wallet Management Question
Hi Jim,
You may want to take a look at MOS Doc 1294017.1 – it suggests you get behavior like this if and when you have a long/complex wallet password. I know that we fought the same thing until we backed our wallet password down to something simpler.
GL,
stephan
Oracle | Micros <http://www.oracle.com/>
Stephan Uzzell | Database Administrator | HGBU Cloud Operations
Mobile: +1 443.864.1725
Oracle Hospitality
Swarthmore, PA | US
cid:image002.gif_at_01CFDD84.DCD06460 <http://www.oracle.com/commitment>
Oracle is committed to developing practices and products that help protect the environment
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of james.clarence.allen_at_census.gov
Sent: Friday, 10 October, 2014 10:21
To: Oracle-L_at_freelists.org
Subject: TDE Wallet Management Question
I am just beginning to use TDE (mandated by OIS) in a 2 server RAC environment.
I created the master key wallet for my database and created auto-logon wallet.
I copied the wallet to the second server and created an auto-logon wallet.
In instance #1 (where I created the wallet) I get:
SQL> seleinst_id,status from gv$encrypted_wallet;
INST_ID STATUS
- ------------------
1 OPEN 2 CLOSE I go over and manually open the wallet on instance #2 and check:
SQL> seleinst_id,status from gv$encrypted_wallet;
INST_ID STATUS
- ------------------
1 CLOSE 2 OPEN Problem
I couldn't get the wallet to open on both servers. When I opened the wallet
on one server it closed on the other.
Solution
My solution was to bounce the instance and let the auto-logon open the wallet.
After I stopped/started the databasesrvctl I got:
INST_ID STATUS
- ------------------
1 OPEN 2 OPEN Question
- Is this the way it is suppose to work?
- Do I have to bounce the instance each time to get the wallet
to open without closing it on the other instance?
I know, I know... The answer is 42 :-)
Sincerely,
Jim Allen
Database Support Lead, MASSDB Staff
Tel: 1-301-763-7501
Cell: 1-202-604-7286
Database Help Desk: X34944
Support Email: James.Clarence.Allen_at_census.gov Internal Website: http://epd.econ.census.gov/offices/massdb/ <http://epd.econ.census.gov/offices/massdb/>
-- http://www.freelists.org/webpage/oracle-lReceived on Fri Oct 10 2014 - 17:12:07 CEST
- application/pkcs7-signature attachment: smime.p7s