Oracle钱包(wallet)密码修改

钱夹密码可通过 Oracle Wallet Manager 或 orapki 实用程序来更改。强烈建议在更改钱夹密码之前对 Oracle 钱夹进行备份。更改钱夹密码不会更改 TDE 主密钥（它们彼此独立）

钱夹密码应至少包含 8 个字母和数字字符，否则会报错 PKI-01002错误。

PKI-01002: Invalid password:Passwords must have a minimum length of eight characters and contain alphabetic characters combined with numbers or special characters. 

您可以通过 Oracle Wallet Manager (OWM) 更改钱夹密码。在尝试更改钱夹密码前，请创建备份，并已在测试系统进行了验证。更改钱夹密码不会更改主密钥（它们彼此独立）。

也允许通过orapki 命令行更改钱夹密码，参考命令：

$ orapki wallet change_pwd -wallet <wallet_location>

[oracle@cent6 ~]$ orapki wallet change_pwd -wallet $ORACLE_BASE/admin/main/wallet
Oracle PKI Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.

Enter wallet password: 旧密码                                                                                                                                  
New password:
Enter wallet password: 新密码                                                                                                                               
[oracle@cent6 ~]$

SQL> ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "Schina1234";

System altered.
--已打开的钱包还要使用旧密码关闭，否则会报密码不匹配错误
SQL> ALTER SYSTEM SET ENCRYPTION WALLET CLOSE IDENTIFIED BY "Sec$123456";
ALTER SYSTEM SET ENCRYPTION WALLET CLOSE IDENTIFIED BY "Sec$123456"
*
ERROR at line 1:
ORA-28391: cannot close wallet or HSM, password mismatch

SQL> ALTER SYSTEM SET ENCRYPTION WALLET CLOSE IDENTIFIED BY "Schina1234";
System altered.
--重新打开时使用新密码
SQL> ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "Sec$123456";
System altered.
SQL>