| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 |
Tags
- oracle tde
- Oracle Database
- oracle SCN
- oracle dba_profile password_life_time
- 오라클
- oracle install
- MSSQL
- oracle 테스트 데이터
- oracle awr
- ora-39083 ora-00439
- oracle 파티션 datapump
- mssql database 삭제
- oracle role 삭제
- SQL Server
- oracleasm
- ora-28002: the password will expire within 7 days
- oracle datapump
- oracle supplemental
- sql user 생성
- partition_options=merge
- oracle pdb
- oracle
- oracle system lock
- supplemental log 활성화
- Oracle RAC
- SSMS
- ORA-00020
- create role
- oracle account_status expired
- ora-00439: feature not enabled: partitioning
Archives
- Today
- Total
신문지한장
[Tech] oracle TDE 설정 방법 (11g 이하) 본문
OS : CentOS 7.9 (64bit)
DB : Oracle Database 11g ( Release - 11.2.0.4 )
TDE (Transparent Data Encryption) 제약 사항
- EE(Enterprise Edition)에서만 사용 가능
- SYSTEM, SYSAUX, UNDO, TEMP tablespace는 암호화 불가
- Database 재기동 필요 (parameter file 변경 때문)
1. wallet 설정 여부 확인
col WRL_PARAMETER for a50
select * from v$encryption_wallet;
2. TDE 적용 (암호화 된) 테이블스페이스 확인
SQL> select tablespace_name, encrypted from dba_tablespaces;
TABLESPACE_NAME ENC
------------------------------ ---
SYSTEM NO
SYSAUX NO
UNDOTBS1 NO
TEMP NO
USERS NO
3. wallet dir 생성 ( /oracle/app/oracle 아래 생성)
$ mkdir wallet11
4. sqlnet.ora 수정
$ cd $ORACLE_HOME/network/admin
$ vi sqlnet.ora
# sqlnet.ora Network Configuration File: /oracle/app/oracle/product/11.2.0.4/network/admin/sqlnet.ora
# Generated by Oracle configuration tools.
NAMES.DIRECTORY_PATH= (TNSNAMES)
ADR_BASE = /oracle/app/oracle
ENCRYPTION_WALLET_LOCATION=
(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/oracle/app/oracle/wallet11)))
5. 암호화 키 생성
SQL> alter system set encryption key identified by "manager0";
System altered.
SQL> select * from v$encryption_wallet;
WRL_TYPE WRL_PARAMETER STATUS
-------------------- ----------------------------------- ------------------
file /oracle/app/oracle/wallet11 OPEN
6. wallet 닫기
SQL> alter system set wallet close identified by "manager0";
System altered.SQL> select * from v$encryption_wallet;
WRL_TYPE WRL_PARAMETER STATUS
-------------------- ----------------------------------- ------------------
file /oracle/app/oracle/wallet11 CLOSED
7. wallet 다시 open 후 TDE tablespace 생성 Test
SQL> create tablespace TDE_test
2 datafile '/oracle/app/oracle/oradata/orcl11/TDE_test01.dbf' size 10M
3 encryption using 'AES256' default storage(encrypt);
Tablespace created.
8. wallet 자동 open (인스턴스 재기동시 수동으로 열어 줄 필요가 없음)
$ orapki wallet create -wallet /oracle/app/oracle/wallet11 -auto_login
Oracle PKI Tool: 11.2.0.4.0 - Production 버전
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
전자 지갑 비밀번호 입력: <-- 비밀번호 입력'Oracle > Tech' 카테고리의 다른 글
| [Tech] ORA-28002 : oracle system 계정 lock(EXPIRED) ? (0) | 2025.02.07 |
|---|---|
| [Tech] oracle TDE 설정 방법 (12c 이상) (0) | 2024.11.21 |
| [Tech][RAC] scan ip relocate node 변경 (0) | 2024.11.06 |
| [Tech][RAC] vip 신규 추가 (1) | 2024.11.06 |
| [Tech] 성능관련 유용한 파라미터 (1) | 2024.09.13 |