Skip to Main Content
Forums

Database Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Getting "ORA-28374: typed master key not found in wallet" on v. 12.1.0.2 with most recent 2019 PSU

Vict0rJun 27 2019 — edited Jul 9 2019

Steps taken on clean single node, non-pdb 12.1.0.2 DB install with restore of a couple schemas with data to test converting tablespace/datafiles to encrypted TS.

Notice I am not using auto login Keystore. As I understand in 12.1 we must first create the TDE Master Encryption Key before we enable auto login.

ADMINISTER KEY MANAGEMENT CREATE KEYSTORE '/opt/bt/oracledb-12c/fi4423dv/wallet' IDENTIFIED BY ********* ;

ADMINISTER KEY MANAGEMENT SET KEYSTORE OPEN IDENTIFIED BY oracledbe;

--* Verify gv$encryption_wallet:

   INST_ID WRL_TYPE        WRL_PARAMETER                                 STATUS          WALLET_TYPE          WALLET_OR FULLY_BAC     CON_ID

---------- --------------- --------------------------------------------- --------------- -------------------- --------- --------- ----------

         1 FILE            /opt/bt/grid-12c/base/admin/FI4423DV/wallet   OPEN            PASSWORD             SINGLE    NO                 0

ADMINISTER KEY MANAGEMENT SET KEY USING TAG 'ActvKeyDT: 190726.1740; ActvKeyBy: VAcevedo' IDENTIFIED BY ********* WITH BACKUP ;

*

ERROR at line 1:

ORA-28374: typed master key not found in wallet

--* Verify gv$encryption_keys

   INST_ID KEY_ID                                                  TAG                                                CREATION_TIME                            ACTIVATION_TIME                          CREATOR    USER       KEY_USE    KEYSTORE_TYPE                 CON_ID ORIGIN     BACKED_UP

---------- ------------------------------------------------------- -------------------------------------------------- ---------------------------------------- ---------------------------------------- ---------- ---------- ---------- ------------------------- ---------- ---------- ---------

         1 AdS0gXgiC08Wv6LWCkigDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAA    ActvKeyDT: 190726.1740; ActvKeyBy: VAcevedo        26-JUN-19 05.37.32.137505000 PM -04:00   26-JUN-19 05.37.32.137508000 PM -04:00   SYS        SYS        TDE        SOFTWARE KEYSTORE                  0 LOCAL      NO      

This is happening from the very first attempt at configuring TDE and if I attempt something as simple as creating a small tablespace encrypted I get same error as above. I have already tried removing the wallet and started from scratch after bouncing DB. I continue to get the error.

If anyone here has encountered this situation and have any suggestion for me I will really appreciate any feedback.

Thank you.

Victor
Comments
Post Details
Added on Jun 27 2019
#database-security, #database-security-general
7 comments
27,406 views