We are implementing TDE for RAC databases on Exadata, and we are wondering whether there are any drawbacks to creating a shared TDE wallet on ASM for multiple instances of 1 database and also setting them as autologin. This is how it looks:
ASMCMD> pwd
+DATA01EX1/TESTDB/KEY_STORE
ASMCMD> ls -l
Type                 Redund  Striped  Time             Sys  Name
AUTOLOGIN_KEY_STORE  HIGH    COARSE   JAN 18 11:00:00  N    cwallet.sso => +DATA01EX1/TESTDB/AUTOLOGIN_KEY_STORE/cwallet.556.965560467
KEY_STORE            HIGH    COARSE   JAN 16 11:00:00  Y    ewallet.542.965560285
KEY_STORE            HIGH    COARSE   JAN 16 11:00:00  Y    ewallet.555.965560357
KEY_STORE            HIGH    COARSE   JAN 16 11:00:00  N    ewallet.p12 => +DATA01EX1/TESTDB/KEY_STORE/ewallet.542.965560285
KEY_STORE            HIGH    COARSE   JAN 16 11:00:00  N    ewallet_2018011619123719.p12 => +DATA01EX1/TESTDB/KEY_STORE/ewallet.555.965560357
SQL> select * from gv$encryption_wallet;
   INST_ID WRL_TYPE             WRL_PARAMETER                  STATUS     WALLET_TYPE          WALLET_OR FULLY_BAC     CON_ID
---------- -------------------- ------------------------------ ---------- -------------------- --------- --------- ----------
         1 ASM                  +DATA01EX1/testdb/KEY_STORE/   OPEN       AUTOLOGIN            SINGLE    NO                 0
         2 ASM                  +DATA01EX1/testdb/KEY_STORE/   OPEN       AUTOLOGIN            SINGLE    NO                 0
I did not find much guidance on this approach online.
Please let me know your opinion.