加密表空间创建

1、创建wallets目录

mkdir -p /u01/app/oracle/product/11.2.0/dbhome_1/wallets

 

2、修改sqlnet.ora文件

ENCRYPTION_WALLET_LOCATION=

(SOURCE=

    (METHOD=file)

    (METHOD_DATA=

    (DIRECTORY=/u01/app/oracle/product/11.2.0/dbhome_1/wallets)

    )

)

 

3、确定数据库版本必须大于11.1

show parameter compatible

 

4、建立wallet文件

alter system set encryption key identified by "password";

 

5、查看wallet状态

select * from v$encryption_wallet;

如果oracle数据库重启，要重新打开wallet

shutdown immediate

startup

select * from v$encryption_wallet;

alter system set encryption wallet open identified by "password";

 

6、创建加密表空间

-- 可选的加密算法： AES192 / 3DES168 / AES128 / AES256

create tablespace tbstest01 datafile '/u01/app/oracle/oradata/PROD1/tbstest0101.dbf'

size 100m encryption using '3DES168' default storage(encrypt);

 

选择默认加密算法：AES128

create tablespace tbstest02 datafile '/u01/app/oracle/oradata/PROD1/tbstest0201.dbf'

size 100m encryption default storage(encrypt);

 

7、查询加密表空间信息

select * from v$encrypted_tablespaces;

 

8、关闭 Wallet 文件

alter system set encryption wallet close identified by "password";

 

9、配置自动开启 Wallet

-- 方法1： "orakpi" 命令行工具

-- Create the AUTO LOGIN WALLET associated PKCS#12 wallet we already have

orapki wallet create -wallet /u01/app/oracle/product/11.2.0/dbhome_1/wallets -auto_login -pwd password

-- Check information from the wallet

orapki wallet display -wallet /u01/app/oracle/product/11.2.0/dbhome_1/wallets

-- 方法2： "owm" 图形界面工具

owm

Click "Wallet" - >

-> Click "Open" - >

-> Directory = "/u01/app/oracle/product/11.2.0/dbhome_1/wallets" ->

-> Password = "password" - >

-> Click "Wallet" - >

-> Select "Auto Login" ->

-> Click "Wallet" - >

-> Click "Save" - >

-> Close window

-- 重启实例后， 查看 Wallet 文件状态（STATUS = OPEN）

select * from v$encryption_wallet;