Some quick notes regarding PDBs on Oracle OCI
I opted to continue but had to sort out the issue after which is to do with "Transparent Data Encryption" - TDE on the tablespaces and you are not able to add any tablespaces.
Make sure you make a note of all passwords when building out databases as you are in big trouble with the keystore if you don't have the correct password and no way to reset the password as far as I know (at least not without the help of Oracle).
See this document :
Creating and Activating a Master Encryption Key for a PDB (in OCI and OCI-Classic)
See this document :
Creating and Activating a Master Encryption Key for a PDB (in OCI and OCI-Classic)
(Doc ID 2469398.1)
For the new pluggable database :
SQL> select * from v$encryption_wallet
WRL_TYPE -------------------- WRL_PARAMETER -------------------------------------------------------------------------------- STATUS WALLET_TYPE WALLET_OR KEYSTORE FULLY_BAC ------------------------------ -------------------- --------- -------- --------- CON_ID ---------- FILE
OPEN_NO_MASTER_KEY PASSWORD SINGLE UNITED UNDEFINED 4
SQL> ADMINISTER KEY MANAGEMENT SET KEY USING TAG 'tag' FORCE KEYSTORE IDENTIFIED BY Password# WITH BACKUP USING 'backup_10062021' 2 /
keystore altered.
So no single or double quotes surrounding the password.
That was after closing the keystore and then reopening.
SQL> ADMINISTER KEY MANAGEMENT SET KEYSTORE close identified by Password99#
keystore altered.
As root :
dbcli update-tdekey -i da29189a-b5eb-46f7-bde2-8c334dc21e19 -n DB123 -hp Password99#
dbcli describe-job -i da29189a-b5eb-46f7-bde2-8c334dc21e19
Job details
----------------------------------------------------------------
ID: da29189a-b5eb-46f7-bde2-8c334dc21e19
Description: TDE update DB123 - PDBs: [PDB123]
Status: Success
Created: June 10, 2021 4:24:39 PM BST
Progress: 100%
Message:
Everything working as expected.
For the new pluggable database :
SQL> select * from v$encryption_wallet
WRL_TYPE -------------------- WRL_PARAMETER -------------------------------------------------------------------------------- STATUS WALLET_TYPE WALLET_OR KEYSTORE FULLY_BAC ------------------------------ -------------------- --------- -------- --------- CON_ID ---------- FILE
OPEN_NO_MASTER_KEY PASSWORD SINGLE UNITED UNDEFINED 4
SQL> ADMINISTER KEY MANAGEMENT SET KEY USING TAG 'tag' FORCE KEYSTORE IDENTIFIED BY Password# WITH BACKUP USING 'backup_10062021' 2 /
keystore altered.
So no single or double quotes surrounding the password.
That was after closing the keystore and then reopening.
SQL> ADMINISTER KEY MANAGEMENT SET KEYSTORE close identified by Password99#
keystore altered.
As root :
dbcli update-tdekey -i da29189a-b5eb-46f7-bde2-8c334dc21e19 -n DB123 -hp Password99#
dbcli describe-job -i da29189a-b5eb-46f7-bde2-8c334dc21e19
Job details
----------------------------------------------------------------
ID: da29189a-b5eb-46f7-bde2-8c334dc21e19
Description: TDE update DB123 - PDBs: [PDB123]
Status: Success
Created: June 10, 2021 4:24:39 PM BST
Progress: 100%
Message:
Everything working as expected.
See also :
No comments:
Post a Comment