3.3 ADD ENCRYPTIONPROFILE

Use ADD ENCRYPTIONPROFILE to add an encryption profile for Oracle Key Vault using Oracle GoldenGate.

Syntax

ADD ENCRYPTIONPROFILE encryption-profile-name    
                      OKV
                      OKVPATH dir-path       
                      [KEYNAMEATTRIBUTE key-name-attribute]       
                      [KEYVERSIONATTRIBUTE key-version-attribute]       
                      MASTERKEY NAME masterkey-name         
                      [VERSION masterkey-version]         
                      [ TTL ttl]       
                      [ DEFAULT [ YES | NO ]]
 

OKVPATH

Specifies the directory where Oracle Key Vault client is installed.

KEYNAMEATTRIBUTE

Custom attribute used in Oracle Key Vault server to specify the masterkey name

KEYVERSIONATTRIBUTE

Custom attribute used in Oracle Key Vault server to specify the masterkey version.

MASTERKEY [NAME]

Name of the master key. This value must match the key name in the KMS parameter in Oracle GoldenGate and cannot be changed once replication has started.

MASTERKEY [VERSION]

Version of the master key. This must be a numeric value.

DEFAULT

Specifies the current encryption profile. If you set DEFAULT YES then the encryption profile is set to be the current encryption profile. If you set DEFAULT NO then the encryption profile is removed. If there is no explicitly defined current encryption profile (you set as DEFAULT NO to the previously current one) then the implicitly default profile is LocalWallet.

Note:

Do not upload keys with duplicate values of KeyName and KeyVersion. At the time of startup, restart, or rollover, Oracle GoldenGate processes retrieve the highest KeyVersion value.