1. Administering Oracle Data Safe
  2. Target Database Registration
  3. Pre and Post Registration Tasks

Pre and Post Registration Tasks

Prior to and after registering a database, be sure to complete the necessary pre and post registration tasks. The tasks required depend on the type of database that you want to register. Please refer to the target registration information for your target database to learn which pre and post registration tasks might be necessary.

This section has the following articles:

Configure a TLS Connection Between the On-Premises Connector on Your Host Machine and an Autonomous Database on Exadata Cloud@Customer Database

You need to configure a TLS connection between the Oracle Data Safe on-premises connector on your host machine and Autonomous Database on Exadata Cloud@Customer.

Perform the following steps only once per Exadata Cloud@Customer cluster:
  1. Download the Autonomous Database wallet.
  2. Export the database server certificate by running the following command. For -dn <db server DN>, enter the first part of the database scan name, which you can find in the tnsnames.ora file. For <database server certificate file>, enter the location where you want to store the certificate (the command below creates the certificate). 
    orapki wallet export -wallet <database wallet location> -dn <db server DN> -cert <database server certificate file>
  3. For the first pluggable database (PDB) in the Exadata Cloud@Customer cluster (and only the first PDB - not the remaining PDBs in the cluster), import the database server certificate into the on-premises connector wallet. To do this, run the following command, and when prompted, enter the wallet password. The wallet password is the password that you created when you downloaded and installed the install bundle. 
    orapki wallet add -wallet <on-premises connector wallet location> -trusted_cert -cert <database server certificate file>

Add the Security Certificate for the Amazon RDS Region

If registering an Amazon RDS for Oracle database with either a private endpoint or an on-premises connector, then you need to add the security certificate of the specific Amazon Web Services (AWS) region as a trusted certificate to the endpoint's or connector's wallets.

  1. Download the certificate of the specific AWS region on which your Amazon RDS is present. See Using SSL/TLS to encrypt a connection to a DB instance from Amazon for more information.
  2. Add the certificate to the on-premises connector or private endpoint:
     orapki wallet add -wallet <install location>/wallet -trusted_cert -cert <certificate file>