Index

A B C D E F G H I J K L M N O P R S T U V W

A

access control
- how configuration works 2.4.1
access control configuration 2.4
access control options 2.4.3
access grants 2.4.2
access settings
- endpoint groups 7.6.3
- removing from virtual wallets 6.2.3
Actions menu 3.5.1
add_epg_member command 10.9.5.2
add_wallet_access_ep command 10.9.6.3
add_wallet_access_epg command 10.9.6.9
administration
- Oracle Key Vault 2.5.1
administrative roles
- overview 2.5.3
alerts
- about 12.5
- configuring 12.5
- viewing 12.5
appliance automation
- commands
  - enrollment token management 10.9.3
  - virtual wallet management 10.9.6
archiving
- credential files 11.3.1
- JKS and JCEKS keystores 11.2.1
auditing
- about 12.6.1
- Audit Manager role 2.5.3
- managing 12.6
Audit Manager role
- functions 2.5.3
auto-login wallets
- creating for accessing Oracle Key Vault credentials 8.3.2

B

backing up and restoring data 4.3
- with Oracle Key Vault 1.4.7
backup destinations
- creating a remote backup destination 4.3.2.2
- LOCAL 4.3.2.1
backups
- destinations 4.3.2, 4.3.2.1
- editing 4.3.4.2
- protecting with recovery passphrase 4.3.4.5
- scheduling 4.3.4.1
- types 4.3.3.1
backup scheduling 4.3.4
- about 4.3.3
- deleting 4.3.4.3
- types 4.3.3.1
backup time
- setting 4.3.4.1
benefits
- centralizing key lifecyle management 1.1
- centralizing key storage 1.1
- fighting security threats 1.1

C

centralized storage
- Java keystores 2.3.1
- Oracle wallet files 2.3.1
certifcates
- rotating, about 13.1.1
- rotating, procedure 13.1.3
- rotation, checking status 13.1.4
certificates
- rotating, advice 13.1.2
changepwd command (okvutil) 8.7.6
changing passwords 5.2
changing recovery passphrase 12.4.2.2
configuration files
- endpoint configuration file 8.6
configuring
- alerts 12.5
configuring high availability 4.2
create_endpoint_group command 10.9.5.1
create_endpoint command 10.9.3.1
create_wallet command 10.9.6.1
creating a user group 5.5.2
creating users 5.1.2
credential files
- about archiving and downloading 11.3.1
- best practices for archiving and downloading 11.3.4
- downloading 11.3.3
- uploading 11.3.2

D

dashboard 12.4.4
data
- backing up 4.3
- restoring 4.3
deactivating keys 6.4.1, 6.4.2, 6.4.4
delete_endpoint_group command 10.9.5.4
delete_endpoint command 10.9.3.7
delete_wallet command 10.9.6.6, 10.9.6.12
deleting user groups 5.5.7
deleting users 5.1.4
deployment architecture
- Oracle Key Vault 2.2
deployments
- credential files, archiving and downloading 11.3.1
- Java keystores, archiving and downloading 11.1.1
- JKS and JCEKS keystores, archiving and downloading 11.2.1
- Oracle wallets, archiving and downloading 11.1.1
- TDE direction connection for TDE wallets 11.4.1
diagnostics generation utility
- transaction check error B.10
download command 10.9.3.3
download command (okvutil) 8.7.5, 11.1.3
drop_epg_member command 10.9.5.3
drop_wallet_access_ep command 10.9.6.5

E

email
- modify_endpoint_email command 10.9.4.5
email notification
- creating user email configuration 12.3.2
- de-registering user email configuration 12.3.4
- opting not to receive 5.4.1
- testing user email configuration 12.3.3
emergency system recovery 2.5.4, 12.4.2
endpoint access to wallets 7.3.1
endpoint administrators
- about 2.6
endpoint database requirements 3.1.4
endpoint groups
- about creating 7.6.1
- add_epg_member command 10.9.5.2
- add_wallet_access_epg command 10.9.6.9
- create_endpoint_group command 10.9.5.1
- creating 7.6.1
- delete_endpoint_group command 10.9.5.4
- drop_epg_member command 10.9.5.3
- modfify_endpoint_group_desc command 10.9.5.5
- modify_wallet_access_epg command 10.9.6.10, 10.9.6.11
- modifying 7.6.2
- removing 7.6.5
- removing a member from 7.6.4
endpoint membership
- adding 7.7.3, 7.7.5
endpoint platform 3.1.3
endpoints 7.6.1
- See also: endpoint groups
- about 8.1
- about managing 7.1
- add_epg_member command 10.9.5.2
- adding access to virtual wallet 7.3.1
- adding to an endpoint group 7.7.3, 7.7.5
- adding using administrator-initiated enrollment 7.2.2
- adding using self-enrollment 7.2.3
- administrators for 7.1
- configuration file 8.6
- create_endpoint command 10.9.3.1
- delete_endpoint command 10.9.3.7
- deleting 7.2.5.2
  - procedure 7.2.5.2
- downloading software to endpointdownloading endpoint software to endpoint 8.3.1
- drop_epg_member commandd 10.9.5.3
- drop_wallet_access_ep command 10.9.6.5
- enrolling and provisioning 8.3.1
- enrollment 7.2.1
  - about 8.2
  - administrator initiated, about 7.2.1
  - types of enrollment 7.2.1
- enrollment process
  - about 8.2
- how Java home is determined during installation 8.4
- installing Key Vault client 8.3.2
- modify_endpoint_desc command 10.9.4.4
- modify_endpoint_email command 10.9.4.5
- modify_endpoint_name command 10.9.4.1
- modify_endpoint_platform command 10.9.4.3
- modify_endpoint_type command 10.9.4.2
- modify_wallet_access_ep command 10.9.6.4
- modifying details 7.7.2
- okvutil utility for provisioning 8.7.1
- Oracle Enterprise Manager 8.1
- password, changing 8.7.6
- provisioning
  - about 8.2
- re_enroll_all command 10.9.3.6
- reenrolling 7.2.5.2
  - procedure 7.2.5.2
- removing access to virtual wallet 7.3.2
- TDE endpoint management 8.5
endpoint self-enrollment, about 7.2.1
enrolling endpoints
- administrator initiated
  - about 7.2.1
- process 8.2
- self-initiated
  - about 7.2.1
Error
- Object is Unstorable in Container error 8.7.5
errors
- about 10.9.7.1
- at command line 10.9.7.2

F

failover
- restoring high availability 4.2.4

G

general maintenance 12
granting access to objects or users 2.4.2
granting roles 5.1.3

H

high availability
- and Active Data Guard 1.4.5
- and restore 4.3.5.3
- clusters 4.2.3
- configuring 4.2, 4.2.2
- how it works 4.2.1
- unconfiguring 4.2.5
- with Oracle Key Vault 1.4.5
High Availability
- Read-Only Restricted Mode 4.2.6.1.1

I

installation passphrase 3.2, A
interfaces 1.5

J

JAVA_HOME environment variable
- how determined during client installation 8.4
Java keystores
- downloading 8.7.5, 11.2.3
- uploading 8.7.3, 11.2.2
JKS and JCEKS keystores
- archiving
  - about 11.2.1
  - best practices 11.2.4
  - procedure 11.2.2
- downloading
  - best practices 11.2.4
  - procedure 11.2.3

K

Kerberos keytabs
- downloading 8.7.5
Key Administrator role
- functions 2.5.3
key rotation 2.3.2
keys
- changing state of 6.4
- deactivating 6.4.1, 6.4.2, 6.4.4
- finding for Key Vault 8.7.4
- revoking 6.4.3
KMIP Protocol 1.4.9

L

liborapkcs.so file
- about 8.3.2
- copying to endpoint 8.3.2
list command (okvutil) 8.7.4
LOCAL
- backup destinations 4.3.2.1
log file locations B.3

M

managed content
- viewing 12.4.5
management console 3.4
- about 1.5
- logging in to 3.3
Management Information Base (MIB) variables 12.2.6
management of Oracle Key Vault 12
master encryption keys
- See: persistent master key cache
- TDE,
  - See: persistent master key cache
modfify_endpoint_group_desc command 10.9.5.5
modify_endpoint_desc command 10.9.4.4
modify_endpoint_email command 10.9.4.5
modify_endpoint_name command 10.9.4.1
modify_endpoint_platform command 10.9.4.3
modify_endpoint_type command 10.9.4.2
modify_wallet_access_ep command 10.9.6.4
modify_wallet_access_epg command 10.9.6.10, 10.9.6.11
modify_wallet_desc command 10.9.6.2
modifying a user group 5.5.6
monitoring
- remote monitoring 12.2.1
- SNMP 12.2.1
MySQL integration with Oracle Key Vault 11.9

N

network services
- setting 12.4.1

O

OASIS Key Management Interoperability Protocol (KMIP)
- Oracle Key Vault implementation of 1.4.9
okvclient.ora file
- about 8.6
okvutil utility
- about 1.5
- changepwd command 8.7.6
- download command 8.7.5
- list command 8.7.4
- syntax 8.7.2
- upload command 8.7.3
- used to manage endpoints 8.7.1
options for access control 2.4.3
Oracle Active Data Guard
- migrating Oracle wallets 11.8.4
- TDE direct connections 11.8.3
- uploading Oracle wallets to Oracle Key Vault 11.8.1
Oracle Enterprise Manager
- endpoints 8.1
- TDE integration with Oracle Key Vault 8.1
Oracle Key Vault
- administering 12.4
- benefits 1.1
- endpoint database requirements 3.1.4
- endpoint platform 3.1.3
- installing 3.2, A
- other Oracle Database product support 11.4.2
- RESTful services 10.1
- standards and protocols 1.4.9
- system requirements 3.1.1
- who should use 1.3
Oracle Key Vault client software
- auto-login wallet 8.3.2
- installing 8.3.2
- password-protected wallet 8.3.2
- setting credentials for accessing 8.3.2
Oracle Key Vault configurations 12.4.1
Oracle Key Vault endpoint utility
- See: okvutil utility
- about 1.5
Oracle Key Vault features
- MySQL integration 1.4.12
Oracle Key Vault interfaces 1.5
Oracle Key Vault keys
- finding 8.7.4
Oracle Key Vault management console 3.4
- about 1.5
- logging in to 3.3
Oracle Key Vault restore 4.3.5
Oracle Key Vault status
- viewing 12.4.4
Oracle Key Vault use cases 2.3
Oracle Real Application Clusters
- archiving Oracle wallets 11.6
- RESTful services 10.1
Oracle wallets
- archiving
  - about 11.1.1
  - best practices 11.1.4
- archiving in Oracle Real Application Clusters environment 11.6
- downloading 11.1.3
  - best practices 11.1.4
- restoring from Key Vault wallets 11.4.4.3
- uploading 11.1.2

P

passphrases
- recovering credentials 12.4.2.1
password-protected wallets
- creating for accessing Oracle Key Vault credentials 8.3.2
passwords
- changing 5.2
- changing endpoint password 8.7.6
- how changing works 5.2.1
persistent master key cache
- about 11.4.5.1
- architecture 11.4.5.2
- contents of, listing 11.4.5.6
- modes of operation
  - first mode 11.4.5.3.2
  - Oracle Key Vault first mode 11.4.5.3.1
- Oracle Database deployments 11.4.5.7
- PKCS11_CACHE_TIMEOUT parameter 11.4.5.5.1
- PKCS11_PERSISTENT_CACHE_FIRST parameter 11.4.5.5.3
- PKCS11_PERSISTENT_CACHE_REFRESH_WINDOW parameter 11.4.5.5.4
- PKCS11_PERSISTENT_CACHE_TIMEOUT parameter 11.4.5.5.2
PKCS11_CACHE_TIMEOUT parameter 11.4.5.5.1
PKCS11_PERSISTENT_CACHE_FIRST parameter 11.4.5.5.3
PKCS11_PERSISTENT_CACHE_REFRESH_WINDOW parameter 11.4.5.5.4
PKCS11_PERSISTENT_CACHE_TIMEOUT parameter 11.4.5.5.2
power off 12.4.1
power on 12.4.1
primary-standby configuration
- changing SNMP settings on standby server 12.2.4
privileges 2.4.1
- See also: access control

R

re_enroll_all command 10.9.3.6
Read-Only Restricted Mode
- High Availability 4.2.6.1.1
reboot 12.4.1
recovery passphrase
- changing 12.4.2.2
- protecting the backup 4.3.4.5
- recovering credentials 12.4.2.1
reenrolling endpoints
- procedure 7.2.5.2
rekey operation 2.3.2, 11.1.4, 11.8.1
remotely monitoring using SNMP 12.2.5
remote monitoring
- about 12.2.1
- changing settings on standby server 12.2.4
- changing user name and password 12.2.3
- granting SNMP access to users 12.2.2
reports
- viewing 12.7
RESTful administrative commands
- create_endpoint 10.9.3.1
- error reporting
  - about 10.9.7.1
- error reporting at command line 10.9.7.2
- modify_endpoint_platform 10.9.4.3
RESTful services
- about 10.1
- configuration file
  - creating 10.3
- multitenant environments 10.1
- Oracle Real Application Clusters 10.1
RESTful Services
- commands
  - endpoint management 10.9.5
- command syntax 10.9.1, 10.9.2
- enabling 10.2
- performing
  - single operation 10.5
restore 4.3.5
restore process 4.3.5.1
- about 4.3.5
- and high availability 4.3.5.3
- restoring Key Vault steps 4.3.5.2
- system state after 4.3.5.5
restoring a system 4.3.5.2
restoring high availability after a failover 4.2.4
revoking keys 6.4.3
revoking roles 5.1.3
roles 2.5.3
- granting or revoking 5.1.3
rotation of encryption key 11.1.4

S

scheduled backups 4.3.4.1
- deleting 4.3.4.3
- editing 4.3.4.2
Search bars 3.5.2
searches
- how to perform searches in Oracle Key Vault 3.5
searching for items
- all items section 6.5.1
security objects
- adding details 6.5.2
- changing state of 6.4
- deactivating keys 6.4.1, 6.4.2, 6.4.4
- downloading to different types 8.7.5
- modifying details of 6.5.2
- revoking keys 6.4.3
- viewing details of 6.5.2
separation of duties 2.5.2
setting access to wallet 7.6.3
SNMP
- about 12.2.1
- changing settings on standby server 12.2.4
- changing user name and password 12.2.3
- example of simplified remote monitoring 12.2.7
- granting access to user 12.2.2
- Management Information Base (MIB) variables 12.2.6
- remotely monitoring Oracle Key Vault 12.2.5
SSH key files
- downloading from Key Vault to a wallet 8.7.5
switching primary and secondary nodes 4.2.3
System Administrator role
- functions 2.5.3
system recovery 2.5.4
system requirements 3.1.1
system state
- after restore 4.3.5.5

T

TDE direct connections
- about 11.4.1
- configuration for database with existing TDE data 11.4.4.1
- configuration for database with no TDE data 11.4.3
- use case 2.3.2
TDE intetegration with Oracle Key Vault
- Oracle Enterprise Manager 8.1
TDE master keys
- centralized management 2.3.2
template
Transparent Data Encryption
- endpoint management 8.5
troubleshooting
- finding log files B.3
- upgrade errors B.7
- uploading Java keystores B.4
- uploading keystores with same file name but different contents B.6
- uploading the same Oracle wallet multiple times B.5
types of backups 4.3.3.1

U

upgrades
- error handling B.7
upload command (okvutil) 8.7.3
uploading
- Oracle wallets 11.1.1
use cases 2.3
user details
- modifying 5.4.1
user details page 5.4.2
user groups
- adding a user 5.5.3
- creating 5.5.2
- deleting 5.5.7
- modifying 5.5.6
- removing a user 5.5.4
- virtual wallet access 5.5.1
users
- creating 5.1.2
- deleting 5.1.4
- removing access to virtual wallets 6.3.3
- types of in Oracle Key Vault 5.1.1

V

viewing
- managed content status 12.4.5
virtual wallets
- about 6.1.1
- access for user groups 5.5.1
- adding endpoint access to 7.3.1
- adding items 6.1.3
- creating 6.1.2
- deleting 6.1.5
- removing access settings from 6.2.3
- removing endpoint access to 7.3.2
- removing individual access to 6.3.3
- removing items 6.1.3
- restoring Oracle wallets from 11.4.4.3

W

wallets
- add_wallet_access_ep command 10.9.6.3
- add_wallet_access_epg command 10.9.6.9
- create_wallet command 10.9.6.1
- delete_wallet command 10.9.6.6, 10.9.6.12
- downloading from Key Vault to a wallet 8.7.5
- drop_wallet_access_ep command 10.9.6.5
- modify_wallet_access_ep command 10.9.6.4
- modify_wallet_access_epg command 10.9.6.10, 10.9.6.11
- modify_wallet_desc command 10.9.6.2
- uploading contents to Key Vault server 8.7.3
Web Access, SSH Access, SNMP Access 12.4.1