3 Verifying and Backing Up the Encryption Key

Enterprise Manager uses an encryption key called emkey (or emkey.ora file) to encrypt and decrypt sensitive data, such as passwords and preferred credentials, which are stored in the Management Repository. The emkey is originally stored in the Management Repository, but is removed from there and copied to the Credential Store at the time of installation. Verify that the emkey is configured properly, and also back it up to a host different from the OMS host.

Step 1: Verify the emkey Configuration

Step 2: Back Up the emkey Configuration

Verify if the emkey is configured properly. To do so, run the following command: $<OMS_HOME>/bin/emctl status emkey If it is configured properly, you will see the following message: Oracle Enterprise Manager 12c Release 5 Cloud Control Copyright (c) 1996, 2015 Oracle Corporation. All rights reserved. The EMKey is configured properly. If it is configured properly, but not secure, then secure it. To do so, run the following command: $<OMS_HOME>/bin/emctl config emkey -remove_from_repos

Enterprise Manager automatically creates a backup of the emkey in the following location. Navigate to this location. $<OMS_HOME>/sysman/config/emkey.ora Copy the file to a host different from the OMS host.

Learn More What Are the Different Types of Security Threats? What Are the Basic Principles for Securing Your Environment? What Type of Security is Provided in Enterprise Manager?

Perform Additional Tasks How to Copy the emkey from the Repository to the Credential Store? How to Copy the emkey from the Credential Store to the Repository? How to Copy the emkey from the Credential Store to a Specified File?

Perform Additional Tasks How to Copy the emkey from the Repository to a Specified File? How to Copy the emkey from a Specified File to the Credential Store? How to Copy the emkey from a Specified File to the Repository? How to Remove the emkey from the Repository?