-
Notifications
You must be signed in to change notification settings - Fork 1
/
idenc_tde_pdbuni.sql
46 lines (40 loc) · 1.81 KB
/
idenc_tde_pdbuni.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
--------------------------------------------------------------------------------
-- OraDBA - Oracle Database Infrastructur and Security, 5630 Muri, Switzerland
--------------------------------------------------------------------------------
-- Name......: idenc_tde_pdbuni.sql
-- Author....: Stefan Oehrli (oes) [email protected]
-- Editor....: Stefan Oehrli
-- Date......: 2023.08.29
-- Revision..:
-- Purpose...: Initialize TDE in a PDB in united mode i.e., with a common wallet
-- of the CDB in WALLET_ROOT. The CDB must be configured for
-- TDE beforehand. This scripts does use several other scripts to
-- enable TDE and it also includes restart of the pdb.
--
-- The following steps are performed:
-- - csenc_master.sql create master encryption key
-- - restart pdb
-- - ssenc_info.sql show current TDE configuration
-- Notes.....:
-- Reference.: Requires SYS, SYSDBA or SYSKM privilege
-- License...: Apache License Version 2.0, January 2004 as shown
-- at http://www.apache.org/licenses/
--------------------------------------------------------------------------------
-- format SQLPlus output and behavior
SET LINESIZE 160 PAGESIZE 200
SET HEADING ON
SET FEEDBACK ON
-- start to spool
SPOOL idenc_tde_pdbuni.log
-- uncomment the following line if you have issues with pre-created master
-- encryption keys. e.g., because TDE wallets have been recreated
--@idenc_lostkey.sql
-- configure master encryption key
@csenc_master.sql
PROMPT == Restart database to load software keystore with new master key =======
ALTER PLUGGABLE DATABASE CLOSE;
ALTER PLUGGABLE DATABASE OPEN;
-- display information
@ssenc_info.sql
SPOOL OFF
-- EOF -------------------------------------------------------------------------