1. Installation and Configuration Guide
  2. Post-installation
  3. Configure Transparent Data Encryption (TDE) and Data Redaction in OFSAA
  4. Transparent Data Encryption (TDE)
  5. Configure a Software Keystore and Encrypted Tablespace Creation

7.17.2.1 Configure a Software Keystore and Encrypted Tablespace Creation

A software keystore is a container for the TDE master encryption key, and it resides in the software file system. You must define a location for the key in the sqlnet.ora file so that the database locates the keystore (one per database) by checking the keystore location in the sqlnet.ora file. After defining the location, create the keystore and open it. Set the TDE master key after opening it and then encrypt the data.
To find whether a wallet is already existing, check the following entries:
  1. The location specified by the ENCRYPTION_WALLET_LOCATION parameter in the sqlnet.ora file.
  2. The location specified by the WALLET_LOCATION parameter in the sqlnet.ora file.
    Encrypted tablespaces can share the default database wallet. However, Oracle recommends that you use a separate wallet for transparent data encryption functionality by specifying the ENCRYPTION_WALLET_LOCATION parameter in the sqlnet.ora file.

    Note:

    You must have the required privileges to perform the following actions.
To configure the software keystore, follow the instructions in the following sections: