Set the Software Keystore Location in the sqlnet.ora File

The first step is to designate a location for the software keystore in the sqlnet.ora file. The Oracle Database will check the sqlnet.ora file for the directory location of the keystore to determine whether it is a software keystore or a hardware module security (HSM) keystore.

Note:

• Ensure that the directory location which you want to set for software keystore exists beforehand. Preferably, this directory must be empty.
• In a multitenant environment, the keystore location is set for the entire multitenant container database (CDB), not for individual pluggable databases (PDBs).
• By default, the sqlnet.ora file is located in the ORACLE_HOME/network/admin directory or the location set by the TNS_ADMIN environment variable. Ensure that you have properly set the TNS_ADMIN environment variable to point to the correct sqlnet.ora file.

To create a software keystore on a regular file system, use the following format when you edit the sqlnet.ora file:

ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE)
(METHOD_DATA=(DIRECTORY=<<path to keystore>>)))

Examples:

• For a regular file system in which the database name is orclb:

  ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE)
  (METHOD_DATA=(DIRECTORY=/etc/ORACLE/WALLETS/orcl)))
  

• When multiple databases share the sqlnet.ora file:

  ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE)
  (METHOD_DATA=(DIRECTORY=/etc/ORACLE/WALLETS/orcl)))

• When Oracle Automatic Storage Management (ASM) is configured:

  ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE)
  (METHOD_DATA=(DIRECTORY=+disk1/mydb/wallet)))

• For ASM Diskgroup:

  ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE)
  (METHOD_DATA=(DIRECTORY=+ASM_file_path_of_the_diskgroup)))