1. Index

Index

A  B  C  D  E  F  G  I  J  K  L  M  N  O  P  R  S  T  U  V  W  

A

  • about managing 9.5.1
  • access control
    • access grants for virtual wallets 2.3.2
    • how configuration works 2.3.1
  • access control options 2.3.3
  • access grants 2.3.2
  • Actions menu 4.8.1
  • adding user to user group 9.5.4
  • administration users
    • multi-masters clusters effect on 9.1.2.4
  • administrative roles
  • alerts 1.5.3
  • architecture 3.3
  • archiving
  • auditing
  • Audit Manager
  • Audit Manager role
    • multi-master cluster effect on 9.1.2.3
  • Audit Vault and Database Firewall
    • consolidating audit records 20.3.5
  • Automatic Storage Management

B

  • backing up data
  • backup destinations
  • backups
  • backup scheduling 19.4
  • benefits
    • centralizing key lifecyle management 1.2
    • centralizing key storage 1.2
    • fighting security threats 1.2

C

  • candidate nodes 3.4.3.3
  • centralized storage
  • centralized storage and management of security objects 1.5.1
  • centrally managed passwords 16.4.2
  • certifcates
  • certificates
    • See: console certificates
    • rotating, advice 18.1.2
    • rotating, factors that may affect process 18.1.3
  • changepwd command (okvutil) B.3
  • changing a user group description 9.5.7
  • Classic mode network interface
  • cluster nodes
  • cluster node types
  • clusters
    • creating first node 5.2.2
    • deleting a node 5.6
    • disabling a node 5.4
    • disabling node replication 5.8.2
    • enabling a node 5.5
    • enabling node replication 5.8.3
    • force deleting a node 5.7
    • management information 3.7, 5.9
    • monitoring information 5.10
    • read-only, creating 5.2.3.2
    • read-write pair of nodes, creating 5.2.3.1
    • read-write pairs of nodes, creating 5.2.3.3
    • restarting cluster services 5.8.1
    • setting up, about 5.2.1
    • terminating node pairing 5.3
  • cluster size and availability guidance 3.5.1
  • cluster subgroups
  • Commercial National Security Algorithm (CNSA)
    • about 17.6.1
    • backup and restore operations 17.6.3
    • running scripts 17.6.2
    • upgrading primary-standby Oracle Key Vault servers 17.6.5
    • upgrading standalone Oracle Key Vault server 17.6.4
  • configuration files
    • endpoint configuration file 14.6
  • configuration parameters
    • endpoints 13.3.3.1
    • setting for individual endpoints 13.3.4
    • setting globally for individual endpoints 13.3.3.2
  • configuring a primary-standby deployment 6.1.1
  • conflicts in names of objects 5.11.1
  • console certificates
  • controller nodes
  • Create Endpoint Group privilege
    • endpoint privileges
      • separation of duty 2.4.1
    • granting or changing 9.2.5
    • separation of duty 2.4.1
  • Create Endpoint privilege
  • creating a user group 9.5.3
  • creating user accounts 9.1.3
  • credential files
  • credentials
    • guidance for SQL*Plus 16.2
    • guidance for SSH 16.3
  • critical data 3.3.4
  • C SDK 1.6.4

D

  • dashboard
  • data
    • backing up, about 19.1
    • restoring, about 19.1
  • Database as a Service
    • about configuring for Key Vault 8.2.1
    • configuring instance 8.2.2
    • creating low privileged user 8.2.3
    • deleting SSH tunnel 8.3.7
    • disabling SSH tunnel 8.3.5
    • enrolling instance as endpoint
      • about 8.4.1
      • installing Oracle Key Vault software onto 8.4.4
      • post-installation tasks 8.4.5
      • preparing environment 8.4.3
      • registering 8.4.2
    • resuming access to Oracle Key Vault 8.7
    • reverse SSH tunnel in multi-master cluster 8.3.2
    • reverse SSH tunnel in primary-standby configuration 8.3.3
    • SSH tunnel between Oracle Key Vault and DBaas instance 8.3.1
    • SSH tunnel not active 8.3.6
    • suspending access to Oracle Key Vault
    • users
      • low privileged user for DBaaS 8.2.3
    • viewing SSH tunnel details 8.3.4
  • deleting user accounts 9.1.5
  • deleting user groups 9.5.9
  • deployment
    • architecture 2.2
    • overview 1.7
  • deployments
    • credential files, archiving and downloading 16.1.1
    • Java keystores, uploading and downloading 12.4.1
    • JKS and JCEKS keystores, archiving and downloading 12.5.1
    • migrating standalone Key Vault server to multi-master cluster 3.4.4.1
    • online master keys for TDE wallets 1.3.2
    • Oracle wallets, uploading and downloading 12.4.1
    • primary-standby to multi-master cluster 3.4.4.2
    • recommendations for 5.12
  • deployment scenarios
  • diagnostic reports
  • diagnostics
    • accessing with okvutil diagnostics B.4
  • diagnostics generation utility
    • transaction check error C.9
  • disk space
    • adding for release 21.1 for multi-master cluster environment 4.6.3
    • adding for release 21.1 for standalone or primary-standby environment 4.5.4
  • disk space, adding for release 21.1 4.5.7
  • DNS
    • configuring NTP servers for non-multi-master clusters 17.2.4
    • nodes 17.3.2.4
  • DNS settings
  • download command (okvutil) B.5
  • downloading
  • downtime, minimizing 17.7
  • DSA keys, removing after upgrade 4.5.9
  • Dual NIC mode network interface
  • dual NIC network mode

E

  • effective group membership, LDAP users 10.1
  • email addresses
    • changing 9.4.1
    • disabling email notifications 9.4.2
  • email notification
  • emergency system recovery 2.6
  • endpoint administrators
  • endpoint database requirements 4.2.4
  • endpoint groups
    • access grant to virtual wallet 13.6.4
    • adding endpoint too 13.6.5
    • creating 13.6.2
    • deleting 13.6.7
    • modifying details 13.6.3
    • modifying virtual wallets from Keys & Wallets tab 11.2.3
    • multi-master clusters, effect on 13.6.1
    • naming guidelines 2.5
    • removing access to virtual wallets from Keys & Wallets tab 11.2.2
    • removing endpoint 13.6.6
  • endpoint node scan lists
  • endpoint platforms, supported 4.2.3
  • endpoint privileges
  • endpoints 13.6.2
    • See also: endpoint groups
    • about 13.2.5.1
    • about managing 13.1.1
    • adding access to virtual wallet 13.5.1
    • adding to an endpoint group 13.6.5
    • adding using administrator-initiated enrollment 13.2.3
    • adding using self-enrollment 13.2.4
    • adding using self-enrollment, about 13.2.4.1
    • adding using self-enrollment, procedure for 13.2.4.2
    • administrators for 13.1.1
    • alternative for individual 13.2.5.3
    • associating default wallet with 13.4.1
    • configuration file 14.6
    • configuration parameters, about 13.3.3.1
    • DBaaS
    • default wallet, setting for 13.4.2
    • deleting 13.2.5.1, 13.2.5.2, 13.2.5.3
    • details
    • diagnostics B.4
    • downloading software 14.2.1
    • endpoint node scan lists 3.6.3
    • enrolling and provisioning 14.2.1
    • enrollment
    • enrollment in multi-master cluster 13.2.2
    • enrollment process
    • enrollment types 13.2.1
    • guidance on enrolling across deployments 3.5.3
    • installing software for new enrollment 14.2.3
    • Java home, how determined 14.3.1
    • limitiations of TDE endpoint integration 12.2.2
    • modifying virtual wallets from Keys & Wallets tab 11.2.3
    • multi-master clusters, effect on 13.1.2
    • naming guidelines 2.5
    • nodes available for connection 3.6.3
    • not using Oracle Key Vault client software 14.4
    • okvclient.ora file 14.6
    • okvutil utility for provisioning B.1
    • one or more endpoints 13.2.5.2
    • Oracle Cloud Infrastructure database instance
    • password, changing B.3
    • post-installation for new enrollment 14.2.4
    • preparing environment for new enrollment 14.2.2
    • privileges for managing 2.4.3.1
    • provisioning
    • reenrolling 13.2.5.5
    • removing access to virtual wallets from Keys & Wallets tab 11.2.2
    • removing from an endpoint group 13.6.6
    • reports 20.4.5
    • revoking access to virtual wallet 13.5.2
    • setting configuration parameters globally 13.3.3.2
    • setting configuration parameters individually 13.3.4
    • suspending 13.2.5.4
    • TDE endpoint management 14.5
    • upgrading for enrolled 14.7.2
    • upgrading for unenrolled
      • downloading Oracle Key Vault okvclient.jar software 14.7.1.2
      • installing Oracle Key Vault okvclient.jar software 14.7.1.3
      • post-installation tasks 14.7.1.4
      • preparing environment 14.7.1.1
    • upgrading from unenrolled endpoint 14.7.1
    • wallet items, viewing 13.5.3
  • endpoint self-enrollment, about 13.2.1
  • enrolling endpoints
  • environment variables
    • JAVA_HOME, how determined during client installation 14.3.1
    • OKV_HOME
      • non-database utilities 14.3.3
      • set during installation 14.3.2
    • okvclient.ora location of 14.3.2
    • persistent master encryption key cache 12.1.4
    • sqlnet.ora file 14.3.4
  • Error
    • Object is Unstorable in Container error B.5
  • EXPIRE PKCS11 PERSISTENT CACHE ON DATABASE SHUTDOWN parameter 12.1.7.6
  • external keystore password uploads
  • external keystore password uploads to large deployments 16.4.2
    • changing passwords 16.4.5
    • example script for using passwords 16.4.3
    • sharing secrets 16.4.4

F

  • failovers
    • restoring primary-standby after 6.4
  • failover situations
    • read-only restricted mode C.14.1
  • FIPS 140–2 2.9
  • FIPS-Inside
    • See: FIPS mode
  • FIPS mode 2.9

G

  • granting access to objects or users 2.3.2

I

  • initial node
  • installation and configuration
    • about 4.1
    • downloading appliance software 4.3.1
    • endpoint database requirements 4.2.4
    • endpoint platform, supported 4.2.3
    • installing appliance software procedure 4.3.2
    • network port requirements 4.2.2
    • post-installation tasks 4.3.3
    • system requirements 4.2.1
  • installing appliance software 4.3.2
  • interfaces 1.6

J

  • JAVA_HOME environment variable
    • how determined during client installation 14.3.1
    • location determined during installation 14.3.1
  • Java keystores
    • downloading B.5
    • uploading B.7
  • Java SDK 1.6.4
  • JKS and JCEKS keystores
  • JKS and JCKS keystores
    • change to content guidance 12.5.4
    • downloading
    • overwriting danger of 12.5.4
    • sharing with multiple endpoints guidance 12.5.4
    • uploading

K

  • Kerberos keytabs
    • downloading B.5
  • kernels, removing after upgrade 4.5.8
  • Key Administrator role
  • key lifecycle management 1.5.2
  • key management reports for Oracle endpoints 20.4.2
  • key rotation 1.3.2
  • keys
  • keystores
    • Automatic Storage Management
      • about uploading from 15.4.1
      • copying keystore to 15.4.3
      • procedure for uploading from 15.4.2
  • KMIP Protocol 1.5.8

L

  • LDAP configuration
    • about 10.1
    • about logging in as LDAP user 10.4.1
    • creating the provider connection 10.3.2
    • deleting 10.5.5
    • disabling 10.5.4
    • enabling 10.5.1
    • LDAP directory server preparation tasks 10.3.1
    • logging in as LDAP user 10.4.2
    • mapping LDAP groups to Oracle Key Vault user groups 10.3.3
    • modifying 10.5.2
    • privilege grants for LDAP users 10.2
    • testing 10.5.3
  • LDAP groups
  • LDAP users
  • list command (okvutil) B.6
  • local backup destinations
  • log file locations C.3
  • logging in
  • logging in to management console 4.4

M

  • Manage Endpoint Group privilege
  • Manage Endpoint privilege
  • management console
  • Management Information Base (MIB) variables 20.1.1.6
  • master encryption keys
    • See: persistent master encryption key cache
    • persistent master encryption key cache 1.5.5, 12.1.3
    • TDE,
      • See: persistent master encryption key cache
    • user-defined key as 12.6.1
  • maximum disable node duration
  • Microsoft Active Directory
    • See: LDAP configuration
  • monitoring
  • monitoring information for clusters 5.10
  • multi-master clusters 3.3
    • about managing 5.1
    • about upgrading 4.6.4.1
    • addition of new server to cluster 3.4.3.3
    • addition of nodes 3.4.3.4
    • administration users, effect on 9.1.2.4
    • auditing for cluster
    • auditing for individual nodes
    • Audit Manager role, affect on 9.1.2.3
    • backup and restore operations 19.1
    • benefits 3.2
    • building and managing, about 3.4.1
    • candidate node 3.4.3.3
    • changing recovery passphrase 17.4.4
    • checking upgrade success 4.6.5
    • cluster node 3.3.1
    • cluster subgroups 3.3.3
    • controller node 3.4.3.2
    • critical data 3.3.4
    • difference from primary-standby configuration 6.1.3
    • DNS for individual nodes
    • DNS settings 17.3.3.2
    • downtime, minimizing 17.7
    • effect on role management 9.2.1
    • endpoint enrollment 13.2.2
    • endpoint groups, effect on 13.6.1
    • endpoints 13.2.2
    • endpoints, effect on 13.1.2
    • expansion of
    • FIPS mode for individual nodes, setting 17.3.2.5
    • host name network setting for individual nodes 17.3.2.1
    • inconsistency resolution 3.6.1
    • initial node 3.4.2
    • Key Administrator role, effect on 9.1.2.2
    • keys, effect on 11.4.2
    • maximum disable node duration 17.3.3.3
    • mid-size cluster 3.5.3
    • migrating standalone Key Vault server to 3.4.4.1
    • mode types 3.3.7
    • multi-master clusters
      • expansion of
    • name conflict resolution 3.6.2
    • network services for individual nodes 17.3.2.2
    • node limitations 3.3.2
    • operations permitted on modes 3.3.8
    • Oracle Audit Vault 17.3.2.10, 20.1.5
    • Oracle Key Vault management console, setting timeout 17.3.3.8
    • overview 3.1
    • preparation for pre-upgrade 4.6.2
    • primary-standby to multi-master cluster 3.4.4.2
    • read-only mode 3.3.7
    • read-only node 3.3.6
    • read-only restricted mode 3.3.7
    • read-write mode 3.3.7
    • read-write node 3.3.5
    • reconfiguration changes 3.4.3.2
    • RESTful services enablement 17.3.3.5
    • restore operations 19.5.3
    • reverse SSH tunnels 8.3.2
    • security objects, effect on 11.4.2
    • size and availability 3.5.1
    • SNMP settings 17.3.3.7
    • SNMP settings for individual node 17.3.2.9
    • syslog destination
    • syslog settings 17.3.3.4
    • syslog settings, node 17.3.2.6
    • System Administrator role, effect on 9.1.2.1
    • system settings 17.3.1
    • system settings for individual nodes 17.3.2
    • system time for cluster
    • system time for individual nodes
    • system users, effect on 9.1.2.5
    • two data centers 3.5.3
    • two nodes 3.5.2
    • upgrade, about 4.6.1
    • upgrading each node 4.6.4.2
    • upgrading read-write nodes 4.6.4.3
    • user accounts, effect on 9.1.2
    • user groups, changing description 9.5.7
    • user groups, creating in 9.5.3
    • user groups, deleting 9.5.9
    • user groups, effect on 9.5.2
    • user groups, removing users from 9.5.8
    • user groups, renaming 9.5.6
    • users, effect on 9.1.2.4
    • virtual wallet user access to 9.2.7
  • MySQL integration with Oracle Key Vault 15.5

N

  • naming conflicts
  • network details
    • configuring for non-multi-master clusters 17.2.1
  • network interface
  • network port requirements 4.2.2
  • network services
    • configuring for non-multi-master clusters 17.2.2
  • nodes
    • creating first node 5.2.2
    • deleting 5.6
    • disabling 5.4
    • disabling replication 5.8.2
    • enabling 5.5
    • enabling replication 5.8.3
    • force deleting 5.7
    • restarting cluster services for 5.8.1
    • terminating pairing of 5.3
  • NTP servers
    • configuring DNS for non-multi-master clusters 17.2.4

O

  • OASIS Key Management Interoperability Protocol (KMIP)
    • Oracle Key Vault implementation of 1.5.8
  • objects
    • naming guidelines 2.5
  • OKV_HOME environment variable
    • non-database utilities 14.3.3
  • okvclient.jar
    • downloading for installation on endpoint 14.2.1
  • okvclient.ora file
  • okvutil utility
    • about 1.6, 1.6.2
    • changepwd command B.3
    • diagnostics command B.4
    • download command B.5
    • list command B.6
    • syntax B.2
    • upload command B.7
    • used to manage endpoints B.1
  • online master keys
    • about using with Oracle Key Vault 1.3.2
    • centralized management of TDE keys 1.3.2
    • Oracle Data Guard connection 15.3.3
    • Oracle GoldenGate 15.2.2
  • operations, restrictions and conditions of A
  • options for access control 2.3.3
  • Oracle Active Data Guard
    • support for data moves 15.6
  • Oracle Audit Vault
    • enabling Oracle Key Vault to send data to, for non-multi-master clusters 17.2.9
    • integration for node 17.3.2.10, 20.1.5
  • Oracle Cloud Infrastructure database instance endpoints
  • Oracle Data Guard
    • migrating Oracle wallets 15.3.4
    • online master keys connection 15.3.3
    • reverse migrating wallets 15.3.5
    • uploading wallets to Oracle Key Vault 15.3.1
  • Oracle Data Pump support for data moves 15.6
  • Oracle GoldenGate
    • online master keys with
    • TDE wallet migration
    • wallets used with 15.2.1
  • Oracle Key Vault
    • administering cluster environments 17.3
    • benefits 1.2
    • deployment architecture 2.2
    • deployment overview 1.7
    • key management, about 1.1
    • standards and protocols 1.5.8
    • who should use 1.4
  • Oracle Key Vault client
  • Oracle Key Vault client software
    • endpoints not using 14.4
  • Oracle Key Vault compute instance
  • Oracle Key Vault compute instances
    • backup operations 7.4.3
    • restore operations 7.4.3
  • Oracle Key Vault concepts 2.1
  • Oracle Key Vault endpoint utility
    • See: okvutil utility
  • Oracle Key Vault features
    • ASM cluster file system encryption key management 1.5.12
    • audit and monitoring services, external support for 1.5.10
    • backup and restore support for security objects 1.5.6
    • centralized storage and management of security objects 1.5.1, 1.5.8
    • database release and platform support 1.5.9
    • DBaaS endpoint support 1.5.13
    • HSM integration 1.5.14
    • key lifecycle management 1.5.2
    • MySQL integration 1.5.11
    • persistent master encryption key cache 1.5.5
    • primary-standby environment support 1.5.15, 17.5
    • reporting and alerts 1.5.3
    • RESTful service support 1.5.7
    • separation of duties 1.5.4
  • Oracle Key Vault general system administration
  • Oracle Key Vault interfaces 1.6, 1.6.2
  • Oracle Key Vault keys
  • Oracle Key Vault maintenance
  • Oracle Key Vault management console
    • about 1.6
    • overview of 4.7
    • timeout for multi-master cluster nodes 17.3.3.8
    • timeout for Web sessions for non-multi-master clusters 17.2.10
  • Oracle Key Vault Multi-Master Cluster A
  • Oracle Key Vault status
  • Oracle Key Vault use cases 1.3
  • Oracle Real Application Clusters
    • support for data moves 15.6
    • wallets 15.1
  • Oracle Recovery Manager (RMAN) support for data moves 15.6
  • Oracle wallets

P

  • passphrases 17.4.1
    • See also: passwords
    • changing in clusters environment 17.4.4
    • changing in non-clusters environment 17.4.3
    • recovering credentials 17.4.2
    • recovering system 17.4.1
  • passwords 17.4.1
    • See also: passphrases
    • about changing 9.3.1, 9.3.3
    • centrally managed 16.4.2
    • changing endpoint password B.3
    • changing password automatically 9.3.3.2
    • changing password manually 9.3.3.1
    • changing support user 9.3.3.3
    • changing your own 9.3.2
    • controlling manual password reset operations, about 9.3.4.1
    • controlling manual password reset operations, configuration 9.3.4.2
  • persistent master encryption key cache
    • about 12.1.1
    • architecture 12.1.2
    • caching master encryption keys in-memory 12.1.3
    • contents of, listing 12.1.8
    • environment variables, importance of setting 12.1.4
    • modes of operation
    • Oracle Database deployments 12.1.9
    • PEXPIRE PKCS11 PERSISTENT CACHE ON DATABASE SHUTDOWN parameter 12.1.7.6
    • PKCS11_CACHE_TIMEOUT parameter 12.1.7.1
    • PKCS11_CONFIG_PARAM_REFRESH_INTERVAL parameter 12.1.7.4
    • PKCS11_PERSISTENT_CACHE_FIRST parameter 12.1.7.3
    • PKCS11_PERSISTENT_CACHE_REFRESH_WINDOW parameter 12.1.7.5
    • PKCS11_PERSISTENT_CACHE_TIMEOUT parameter 12.1.7.2
    • refresh window 12.1.6
    • storage location 12.1.4
  • PKCS11_CACHE_TIMEOUT parameter 12.1.7.1
  • PKCS11_CONFIG_PARAM_REFRESH_INTERVAL parameter 12.1.7.4
  • PKCS11_PERSISTENT_CACHE_FIRST parameter 12.1.7.3
  • PKCS11_PERSISTENT_CACHE_REFRESH_WINDOW parameter 12.1.7.5
  • PKCS11_PERSISTENT_CACHE_TIMEOUT parameter 12.1.7.2
  • post-installation tasks 4.3.3
  • powering off Oracle Key Vault for non-multi-master clusters 17.2.11
  • powering off Oracle Key Vault nodes 17.3.2.11
  • primary servers
    • role in primary-standby configuration 6.1.4
  • primary-standby
  • primary-standby configuration
    • about 6.1.1
    • benefits 6.1.2
    • best practices 6.7
    • changing SNMP settings on standby server 20.1.1.4
    • checking TDE wallet migration for logical standby 15.3.7
    • configuring primary server 6.2.1
    • configuring standby server 6.2.2
    • difference from multi-master clusters 6.1.3
    • disabling 6.5
    • downtime, minimizing 17.7
    • enabling primary-standby on primary 6.2.3
    • migrating TDE wallets to Oracle Key Vault for standby 15.3.6
    • persistent master encryption key cache
      • downtime, minimizing 17.7
    • primary server
      • configuring 6.2.1
      • enabling for primary-standby 6.2.3
    • primary server role 6.1.4
    • read-only restricted mode
      • downtime, minimizing 17.7
    • read-only restricted mode, disabling 6.6.6
    • read-only restricted mode, enabling 6.6.5
    • read-only restricted mode, recovering from 6.6.7
    • read-only restricted mode disabled 6.6.3
    • read-only restricted mode enabled 6.6.2
    • read-only restricted mode impact 6.6.1
    • read-only restricted mode state during network failure 6.6.4.4
    • read-only restricted mode state during primary server failure 6.6.4.2
    • read-only restricted mode state during standby server failure 6.6.4.3
    • read-only restricted mode states 6.6.4.1
    • restoring primary-standby after 6.4
    • reverse SSH tunnels 8.3.3
    • standby server
    • standby server role 6.1.5
    • switching servers 6.3
    • unpairing 6.5
  • primary-standby environments
  • primary-standby server
    • moving to multi-master cluster 3.4.4.2
  • privileges 2.3.1
    • See also: access control
    • access control options 2.3.3
    • access grants for virtual wallets 2.3.2

R

  • read-only mode
  • read-only nodes
  • read-only restricted mode
    • about 3.3.7
    • disabling 6.6.6
    • enabling 6.6.5
    • failover, planned shutdown in standby server C.14.2.3, C.14.3.3
    • failover, planned shutdown of primary server during upgrade C.14.2.1, C.14.3.1
    • failover, planned shutodwn on primary server during maintenance C.14.2.2, C.14.3.2
    • failover, unplanned shutdown in primary server C.14.2.4, C.14.3.4
    • failover, unplanned shutdown in standby server C.14.2.5, C.14.3.5
    • notifications 6.6.8
    • primary-standby configuration, impact on 6.6.1
    • primary-standby configuration without read-only restricted mode enabled 6.6.3
    • primary-standby configuration with read-only restricted mode enabled 6.6.2
    • recovering primary-standby 6.6.7
  • read-only restricted mode states
    • network failure in primary-standby configuration 6.6.4.4
    • primary server failure 6.6.4.2
    • primary-standby configuration 6.6.4.1
    • standby server failure 6.6.4.3
  • read-write mode
  • read-write nodes
  • read-write pair of nodes
  • read-write pairs of nodes
  • rebooting Oracle Key Vault for non-multi-master clusters 17.2.11
  • rebooting Oracle Key Vault nodes 17.3.2.11
  • recovery passphrase
    • about recovering 17.4.1
    • changing in clusters environment 17.4.4
    • changing in non-clusters environment 17.4.3
    • protecting the backup 19.4.6
    • recovering credentials 17.4.2
  • rekey operation 1.3.2
  • remote backup destination
  • remote backup destinations
  • remotely monitoring using SNMP 20.1.1.5
  • remote monitoring
  • removing user from a user group 9.5.8
  • renaming a user group 9.5.6
  • reporting 1.5.3
  • reports
  • restarting Oracle Key Vault for non-multi-master clusters 17.2.11
  • restarting Oracle Key Vault nodes 17.3.2.11
  • RESTful command-line interface commands
  • RESTful services
    • about 1.6.3
    • console certificates 18.2.5
    • disabling for non-multi-master clusters 17.2.8
    • enabling for non-multi-master clusters 17.2.8
    • multi-master clusters, enablement 17.3.3.5
  • restoring data
  • roles
  • Roots of Trust (RoT) 1.5.14
  • root user

S

  • search bars 4.8.2
  • searches
    • how to perform searches in Oracle Key Vault management console 4.8
  • secrets
  • secure user management 9.3.4.1
  • security objects
  • self-enrollment, for endpoints 13.2.4.1
  • separation of duties 1.5.4
  • SNMP
    • about 20.1.1.1
    • changing settings on standby server 20.1.1.4
    • changing user name and password 20.1.1.3
    • example of simplified remote monitoring 20.1.1.7
    • granting access to user 20.1.1.2
    • Management Information Base (MIB) variables 20.1.1.6
    • remotely monitoring Oracle Key Vault 20.1.1.5
  • SNMP settings
  • split-brain scenarios 6.1.1
  • SQL*Plus
    • guidance for credentials 16.2
    • guidance for secrets 16.2
  • sqlnet.ora file
    • environment variables and 14.3.4
  • SSH
    • guidance for credentials 16.3
    • guidance for secrets 16.3
  • SSH key files
    • downloading from Key Vault to a wallet B.5
  • SSH tunnels
    • creating between Oracle Key Vault and DBaas instance 8.3.1
    • deleting 8.3.7
    • disabling 8.3.5
    • multi-master clusters 8.3.5, 8.3.6, 8.3.7
    • not active 8.3.6
    • reverse SSH tunnel in multi-master cluster 8.3.2
    • reverse SSH tunnel in primary-standby configuration 8.3.3
    • viewing details 8.3.4
  • standby servers
    • role in primary-standby configuration 6.1.5
  • support user
  • syslog
    • configuring for non-multi-master clusters 17.2.6
  • syslog configuration
  • syslog settings
  • System Administrator role
  • system diagnostics
    • See: diagnostic reports
  • system recovery 2.6, 17.4.1
  • system requirements 4.2.1
  • system time
    • setting for non-multi-master clusters 17.2.3
  • system users
    • multi-master cluster effect on 9.1.2.5

T

  • TDE direct connect
    • See: online master keys
  • TDE-enabled databases
    • about configuring Key Vault for 12.2.1
    • configuring environment for 12.2.3
    • integrating TDE with Key Vault 12.2.4
    • limitations of TDE endpoint integration 12.2.2
  • TDE master encryption keys
    • centralized management 1.3.2
  • TDE wallets
  • third-party certificates
  • time
  • Transparent Data Encryption 12.2.1
    • See also: TDE-enabled databases
    • downtime, minimizing for TDE heartbeat 17.7
    • endpoint management 14.5
  • transportable tablespaces support for data moves 15.6
  • troubleshooting
    • finding log files C.3
    • upgrade errors C.7
    • uploading Java keystores C.4
    • uploading keystores with same file name but different contents C.6
    • uploading the same Oracle wallet multiple times C.5
  • types of backups 19.3.2

U

  • upgrades
    • error handling C.7
  • upgrading
    • backing up
      • Oracle Key Vault server 4.5.10
    • backing up upgraded Oracle Key Vault server 4.5.10
    • endpoint software 4.5.6
    • Oracle Key Vault pair
    • Oracle Key Vault standalone
    • removing DSA keys 4.5.9
    • removing old kernels 4.5.8
  • upgrading endpoint software
  • upgrading multi-master cluster nodes
  • upgrading standalone or primary-server
  • upload command (okvutil) B.7
  • uploading
  • use cases 1.3
    • centralized storage 1.3.1
    • key rotation 1.3.2
    • online management of keys and secret data 1.3.4
    • storage of credential files 1.3.3
  • user accounts
    • multi-master clusters, effect on 9.1.2
  • user-defined keys
  • user groups 9.5.1
    • adding a user 9.5.4
    • changing description 9.5.7
    • creating 9.5.3
    • deleting 9.5.9
    • granting access to virtual wallet 9.5.5
    • modifying virtual wallets from Keys & Wallets tab 11.2.3
    • multi-master clusters, effect on 9.5.2
    • naming guidelines 2.5
    • removing access to virtual wallets from Keys & Wallets tab 11.2.2
    • removing access to virtual wallets from User's tab 11.3.3
    • removing user from 9.5.8
    • renaming 9.5.6
    • revoking access to virtual wallets 11.3.4
  • users 9.5.1
    • See also: user groups
    • about changing password 9.3.3
    • about user accounts 9.1.1
    • administrative roles, about 9.2.1
    • administrative roles, granting or changing 9.2.2
    • administrative roles, revoking 9.2.8
    • changing own password 9.3.2
    • changing password automatically 9.3.3.2
    • changing password manually 9.3.3.1
    • changing passwords, about 9.3.1
    • changing support user password 9.3.3.3
    • changing user email address 9.4.1
    • controlling manual password reset operations, about 9.3.4.1
    • controlling manual password reset operations, configuration 9.3.4.2
    • Create Endpoint Group privilege, granting or changing 9.2.5
    • Create Endpoint privilege, granting or changing 9.2.3
    • creating accounts 9.1.3
    • deleting accounts 9.1.5
    • disabling email notifications 9.4.2
    • endpoint administrators
    • endpoint privileges, about 9.2.1
    • endpoint privileges, revoking 9.2.8
    • granting access to virtual wallet 9.2.7
    • Manage Endpoint Group privilege, granting or changing 9.2.6
    • Manage Endpoint privilege, granting or changing 9.2.4
    • modifying virtual wallets from Keys & Wallets tab 11.2.3
    • multi-master cluster effect on 9.1.2.4
    • naming guidelines 2.5
    • removing access to virtual wallets from Keys & Wallets tab 11.2.2
    • removing access to virtual wallets from User's tab 11.3.2
    • reports 20.4.6
    • root user
    • support user
    • view account details 9.1.4

V

  • viewing user account details 9.1.4
  • virtual wallets
    • about 11.1.1
    • access management from Keys and Wallets tab 11.2.1
    • adding endpoint access to 13.5.1
    • adding security objects to 11.1.4
    • creating 11.1.2
    • deleting 11.1.6
    • endpoint group access grant 13.6.4
    • granting access to from Keys & Wallets tab 11.2.2
    • granting access to from Users tab 11.3.1
    • granting user access to 9.2.7, 9.5.5
    • granting user group access to from User's tab 11.3.3
    • modifying 11.1.3
    • modifying from Keys & Wallets tab 11.2.3
    • naming guidelines 2.5
    • removing security objects from 11.1.5
    • removing user access to from Users tab 11.3.2
    • revoking endpoint access 13.5.2
    • revoking user group access from 11.3.4

W

  • wallets
    • checking TDE wallet migration for logical standby
    • downloading
    • downloading from Key Vault to a wallet B.5
    • endpoint group access grant 13.6.4
    • endpoints, associating 13.4.1
    • endpoints, viewing wallet items for 13.5.3
    • key rotation guidance 12.4.4
    • migrating existing TDE wallet to Key Vault
    • migrating TDE to Key Vault for logical standby database
    • migrating to Oracle Data Guard 15.3.4
    • Oracle GoldenGate use with 15.2.1
    • Oracle Real Application Clusters environment 15.1
    • overwriting danger of 12.4.4
    • reports 20.4.3
    • restoring database contents previously encrypted by TDE
    • reverse migrating in Oracle Data Guard
    • setting default for endpoint 13.4.2
    • sharing with multiple endpoints guidance 12.4.4
    • uploading
    • uploading contents to Key Vault server B.7
    • uploading in Oracle Data Guard