DECRYPTTRAIL

Valid for

Extract, Replicat

Description

Use DECRYPTTRAIL to decrypt Oracle GoldenGate trails that were encrypted by an upstream Extract process (for information on ENCRYPTTRAIL see "ENCRYPTTRAIL | NOENCRYPTTRAIL"). Specify DECRYPTTRAIL only when the ENCRYPTTRAIL parameter is specified in the upstream Extract process.

Syntax

DECRYPTTRAIL (<AES>, KEYNAME <name>)

AES can be AES, AES128, AES192, or AES256.

The default is AES256.

Input trail

For an Extract Pump or Replicat, DecryptTrail is assumed automatically when extract sees the flag in the fileheader saying the trail is encrypted. It is only necessary to specify DecryptTrail when the trail is encrypted using an AES master key other than DEFAULT.

AES encrypted trails to and from OpenSy must always use the ENCKEYS file and a keyname and not the Oracle wallet. OpenSys does not allow for a DEFAULT key to be used with AES, you must have a named key.

When sending or receiving encrypted trails from OpenSys, ensure that an ENCKEYS file that has the master key exists in the Oracle GoldenGate installed directory for Classic builds and in the deployment_home/etc/conf/ogg directory for MicroServices.

If you want to send an encrypted trail files from Oracle GoldenGate OpenSys to Oracle GoldenGate for HP NonStop, then you need to use the ENCKEYS method to encrpyt the trail file on OpenSys first. For more information about encrypting trail files using ENCKEYS on Oracle GoldenGate OpenSys, see the following topics in the Administering Oracle GoldenGate for HP NonStop.

Output trail

Prior to the Oracle GoldenGate for HP NonStop 19.1.0.0.0 release, EncryptTrail/NoEncryptTrail could be toggled around EXTTRAIL/RMTTRAIL parameters. Starting HP Non Stop 19.1.0.0.0 release, this has been deprecated and needs to be replaced with the trail specific option. For more information about specifying encryption explicitly for each output trail, see any of the following topics: EXTFILE, EXTTRAIL, RMTFILE, or RMTTRAIL.