In this post, we will be checking, How to change TDE Keystore Password, How to validate the TDE wallet password
How to change TDE Keystore Password
Here are the steps to change TDE Keystore Password
Rename the auto-login wallet file cwallet.sso in the wallet location
$ mv cwallet.sso cwallet.sso_old
Close the TDE encryption wallet
sqlplus / as sysdba
SQL> ADMINISTER KEY MANAGEMENT SET KEYSTORE CLOSE CONTAINER=ALL;
Open the TDE encryption wallet using the old wallet password.
SQL> ADMINISTER KEY MANAGEMENT SET KEYSTORE OPEN IDENTIFIED BY "<old password" CONTAINER=ALL;
Change password of TDE wallet
SQL> ADMINISTER KEY MANAGEMENT ALTER KEYSTORE PASSWORD IDENTIFIED BY "new password" WITH BACKUP;
Create a new autologin wallet file (cwallet.sso)
SQL> ADMINISTER KEY MANAGEMENT CREATE AUTO_LOGIN KEYSTORE FROM KEYSTORE '<wallet location' IDENTIFIED BY "new password";
How to validate TDE wallet password
We can validate the TDE password without using the open/close command in the Database using the below steps
1. Copy the Keystore/wallet file to a new directory. This means only the ewallet.p12 file; ignore the cwallet.sso if it exists.
2. Using mkstore, try to display the contents of the copied file, by specifying the new directory from step 1.
mkstore -wrl <wallet_directory> -list
Above, specify the new directory for <wallet_directory>.
Without the cwallet.sso (auto-login) Keystore/wallet in the same directory, any attempt to access the Keystore will prompt for the password.
If the entered password is correct, the command will display helpful information.
I hope you like this content on How to change/validate TDE Keystore Password,
TDE encryption in oracle 11g step by step: Check out this article for TDE encryption in oracle 11g step by step for both table encryption and tablespace encryption
TDE encryption in Oracle 12c step by step
How to open a wallet in Oracle 12c: Check out How to open a wallet in Oracle 12c, How To Import TDE Master Encryption Key, How To Export TDE Master Encryption Key
how to check if oracle database is encrypted: check out how to check if oracle database is encrypted, what tablespaces is encrypted, what table columns are encrypted
How To Restore TDE Wallet Files From Backup in Oracle Database