Skip to Main Content
  • Questions

  • Error in Opening KeyStore in Oracle 12c R2

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question, Zahir.

Asked: November 27, 2017 - 8:24 pm UTC

Last updated: February 14, 2018 - 1:28 am UTC

Version: 12.2.0.1

Viewed 1000+ times

You Asked

I am trying to create TDE example .
I was able to create a keystore ; but when I open the key store , I am getting ORA-28367.

What am I missing here ? Thanks very much in advance.

SQL> select * from v$version ;

BANNER                                                                               CON_ID
-------------------------------------------------------------------------------- ----------
Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production              0
PL/SQL Release 12.2.0.1.0 - Production                                                    0
CORE    12.2.0.1.0      Production                                                                0
TNS for 64-bit Windows: Version 12.2.0.1.0 - Production                                   0
NLSRTL Version 12.2.0.1.0 - Production                                                    0

SQL> administer key management create keystore 'C:\app\oracle\virtual\admin\db1cdb\encryption_keystore' identified by Ora12cR2PasswdEncryption;

keystore altered.


C:\app\oracle\virtual\admin\db1cdb\encryption_keystore>dir

 Directory of C:\app\oracle\virtual\admin\db1cdb\encryption_keystore

11/22/2017  10:15 AM    <DIR>          .
11/22/2017  10:15 AM    <DIR>          ..
11/22/2017  10:15 AM             2,408 ewallet.p12
               1 File(s)          2,408 bytes
               2 Dir(s)   8,378,060,800 bytes free





Contents of SQLNET.ORA
----------------------
SQLNET.AUTHENTICATION_SERVICES= (NTS)
SQLNET.ENCRYPTION_SERVER = requested
SQLNET.CRYPTO_SEED = 'Pas$W0rdO'
SQLNET.ENCRYPTION_TYPES_SERVER= (AES256)
ADR_BASE = C:\app\oracle\virtual\product\12.2.0\dbhome_1\log

ENCRYPTION_WALLET_LOCATION =
  (SOURCE =(METHOD = FILE)
  (METHOD_DATA =
    (DIRECTORY = C:\app\oracle\virtual\admin\db1cdb\encryption_keystore)))
    


SQL> administer key management set keystore open identified by Ora12cR2PasswdEncryption container=ALL;
administer key management set keystore open identified by Ora12cR2PasswdEncryption container=ALL
*
ERROR at line 1:
ORA-28367: wallet does not exist


and Connor said...

You probably need to get your database to re-read sqlnet.ora, eg

SQL> conn / as sysdba
Connected.
SQL> administer key management create keystore 'C:\app\oracle\virtual\admin\db1cdb\encryption_keystore' identified by Ora12cR2PasswdEncryption;

keystore altered.

SQL> administer key management set keystore open identified by Ora12cR2PasswdEncryption container=ALL;
administer key management set keystore open identified by Ora12cR2PasswdEncryption container=ALL
*
ERROR at line 1:
ORA-28367: wallet does not exist


SQL> shutdown abort
ORACLE instance shut down.
SQL> startup
ORACLE instance started.

Total System Global Area 3154116608 bytes
Fixed Size                  8923864 bytes
Variable Size             805307688 bytes
Database Buffers         2332033024 bytes
Redo Buffers                7852032 bytes
Database mounted.
Database opened.

SQL> administer key management set keystore open identified by Ora12cR2PasswdEncryption;

keystore altered.


Rating

  (2 ratings)

Is this answer out of date? If it is, please let us know via a Comment

Comments

Similar problem

WK Tay, February 13, 2018 - 6:00 am UTC

Hi, I face this similar problem.

***********************************************
SQL> select * from V$encryption_wallet;

WRL_TYPE
--------------------
WRL_PARAMETER
--------------------------------------------------------------------------------
STATUS WALLET_TYPE WALLET_OR FULLY_BAC
------------------------------ -------------------- --------- ---------
CON_ID
----------
FILE
D:\ORACLE\APP\PRODUCT\12.2.0\DBHOME_1\NETWORK\ADMIN\WALLET\ORCL\
CLOSED UNKNOWN SINGLE UNDEFINED
0

SQL> ADMINISTER KEY MANAGEMENT SET KEYSTORE OPEN IDENTIFIED BY w123456;
ADMINISTER KEY MANAGEMENT SET KEYSTORE OPEN IDENTIFIED BY w123456
*
ERROR at line 1:
ORA-28367: wallet does not exist

*********************************************************

I have tried "shutdown immediate"or "shutdown abort". But it is not helping.

Any other possible solutions?
Please assist
Connor McDonald
February 14, 2018 - 1:28 am UTC

Make sure sqlnet.ora contains the correct entry

hungju, September 10, 2018 - 6:12 am UTC

you should set the TNS_ADMIN to the keystore location: D:\ORACLE\APP\PRODUCT\12.2.0\DBHOME_1\NETWORK\ADMIN\WALLET\ORCL\
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's latest video and Chris's latest video from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.

More to Explore

Administration

Need more information on Administration? Check out the Administrators guide for the Oracle Database