Skip to Main Content
  • Questions

  • wallet and entries in sqlnet.ora file to handle encryption

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question, Christine.

Asked: December 02, 2015 - 7:19 pm UTC

Last updated: December 09, 2015 - 9:07 am UTC

Version: 12.1.0.2

Viewed 1000+ times

You Asked

I have a current wallet, both cwallet.sso and ewallet.p12. I want to set the TDE master key for encryption. I have no entries in the sqlnet.ora file right now and the current wallet is not in the default directory. Should I have entries in the sqlnet.ora file to handle the encryption and where the wallet is located? Do I need entries other than ENCRYPTION_WALLET_LOCATION in the sqlnet.ora file? Since my current wallet only has the SSL certificate for the server, should I create a different wallet to hold the TDE master key or is it possible to have more than one wallet? If the latter, then when I issue the "alter system set encryption key identified by "wallet_password", how does it know which wallet to put the TDE master key?

and Connor said...

We will look for ENCRYPTION_WALLET_LOCATION first.

If that is not there, we will use WALLET_LOCATION if found.

So you can have more than one wallet (eg one for TDE, one other auth) if you want.

(If neither is in sqlnet.ora, there is a default location, under $ORACLE_HOME/admin, although the precise location escapes me)

Hope this helps.

Rating

  (1 rating)

Is this answer out of date? If it is, please let us know via a Comment

Comments

Christine Hayes, December 08, 2015 - 9:11 pm UTC

Thanks for you assistance. I plan on just using one wallet since that will be more simple.
Connor McDonald
December 09, 2015 - 9:07 am UTC

Agreed :-)
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's channel and Chris's channel from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.