7.27.1.1 Set the Software Keystore Location in the sqlnet.ora File
The first step is to designate a location for the software keystore in the
sqlnet.ora file. The Oracle Database will check the
sqlnet.ora file for the directory location of the keystore to
determine whether it is a software keystore or a hardware module security (HSM)
keystore.
Note:
- Ensure that the directory location which you want to set for software keystore exists beforehand. Preferably, this directory must be empty.
- In a multitenant environment, the keystore location is set for the entire multitenant container database (CDB), not for individual pluggable databases (PDBs).
- By default, the
sqlnet.orafile is located in theORACLE_HOME/network/admindirectory or the location set by the TNS_ADMIN environment variable. Ensure that you have properly set the TNS_ADMIN environment variable to point to the correctsqlnet.orafile.
To create a software keystore on a regular file system, use the following format when you
edit the sqlnet.ora file:
ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE)
(METHOD_DATA=(DIRECTORY=<<path to keystore>>)))
Examples:
- For a regular file system in which the database name is
orclb:
ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE) (METHOD_DATA=(DIRECTORY=/etc/ORACLE/WALLETS/orcl))) - When multiple databases share the
sqlnet.orafile:ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE) (METHOD_DATA=(DIRECTORY=/etc/ORACLE/WALLETS/orcl))) - When Oracle Automatic Storage Management (ASM) is
configured:
ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE) (METHOD_DATA=(DIRECTORY=+disk1/mydb/wallet))) - For ASM Diskgroup:
ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE) (METHOD_DATA=(DIRECTORY=+ASM_file_path_of_the_diskgroup)))