Skip Headers
Oracle® Secure Enterprise Search Administrator's Guide
11g Release 2 (11.2.1)

Part Number E17332-04
Go to Documentation Home
Go to Book List
Book List
Go to Table of Contents
Go to Index
Go to Feedback page
Contact Us

Go to previous page
Go to next page
PDF · Mobi · ePub

Changing the Master Encryption Key

A master encryption key is used to encrypt secure fields in Oracle SES. You can change this key if its security is compromised or for any other reason.

To change the master encryption key: 

  1. Stop all crawler schedules.

  2. Close all middle-tier applications, except for the Monitor application.

  3. Open an interactive session on the Oracle SES middle-tier computer.

  4. Issue a searchctl rollover_key command. See the following description.

  5. Restart the crawler and the middle-tier applications.

searchctl rollover_key

This command has the following syntax:

searchctl rollover_key options

Options have the format keyword=value:


Local JDBC connection string for the Oracle SES database. For example, localhost:5555:ses1. Required.


Oracle SES administrative password, that is, for the SEARCHSYS user. If you omit this password from the command, then you are prompted for it.


URL to the WebLogic Server Administration Console. For example, t3://wls_example:8000. Required.


User name of the WebLogic administrative user. (Required)


Password of the WebLogic administrative user. If you omit this password from the command, then you are prompted for it.


New master key. If you omit this option, a random master key is set.

The following command changes the master key to "testing123";

searchctl rollover_key ses_db_conn_str=localhost:5555:ses1 ses_admin_passwd=password wls_admin_user=weblogic wls_admin_passwd=password wls_admin_server=t3://asHost:8000 master_key=testing123