### Code Reference
-
URL:https://blog.csdn.net/hurricaneandhewei/article/details/54296407
-
DESC:oracle无密码登录
-
URL:https://blog.csdn.net/biplusplus/article/details/49893731
-
DESC:oracle创建钱包|wallet在rac环境共享钱包(参照docker实例化Oracle12c EE)|oracle auto login wallet
-
URL:https://blog.csdn.net/tianlesoftware/article/details/8269547
-
DESC:Oracle Databasae wallet使用指南
-
Last Update:2020-7-8 10:34
-
功能
实现无密码登录|数据库数据加密|TDE使用 -
基本使用
-
创建wallet
mkstore -wrl /u01/app/oracle/masterKey -create
master key:asd892*&*DfhLDF -
添加数据库连接认证信息到wallet中(insert)
mkstore -wrl /u01/app/oracle/masterKey -createCredential 192.168.100.132_rede rede 1
192.168.100.132_rede是tnsnames.ora添加条目,且是专用的名称. -
修改sqlnet.ora&listener.ora(服务端)
# sqlnet.ora(ENCRYPTION_WALLET_LOCATION这是两种钱包) ENCRYPTION_WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = /u01/app/oracle/masterKeyEncrypt)) ) WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = /u01/app/oracle/masterKey)) ) SQLNET.WALLET_OVERRIDE = TRUE # tnsnames.ora 192.168.100.132_rede = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = 9cfde0470b8a)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = orcl) ) )
-
验证无密码登录
-
重启listener使参数生效,使用tnsping测试连接串
tnsping 192.168.100.132_rede
-
sqlplus /@192.168.100.132_rede
?验证失败原因不明,版本是12c.(11g测试通过)
-
-
-
修改维护(asd892*&*DfhLDF)
-
认证信息
-
select
mkstore -wrl /u01/app/oracle/masterKey -listCredential
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-zS5srTIf-1594721701604)(http://redevm/uploads/big/dcd3c4c5bf485bfe9cf8c2cf5b6fb91b.png)] -
update
mkstore -wrl /u01/app/oracle/masterKey -modifyCredential 192.168.100.132_rede rede 1
-
delete
mkstore -wrl /u01/app/oracle/masterKey -deleteCredential 192.168.100.132_rede
-
-
连接字符串维护
- 查看连接数量
mkstore -wrl /u01/app/oracle/masterKey -list
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-NKYsq1Vj-1594721701612)(http://redevm/uploads/big/dfaf12f42f30f06601d06daa218138c1.png)] - 查看连接信息
mkstore -wrl /u01/app/oracle/masterKey -viewEntry oracle.security.client.connect_string1
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-CTWQy6tU-1594721701624)(http://redevm/uploads/big/99b28555f4272c7c9fcc75aaabc660f8.png)] - 更新连接
mkstore -wrl /u01/app/oracle/masterKey -modifyEntry oracle.security.client.connect_string2 192.168.100.132_rede
认证信息无法修改连接串的名称,使用本步中的方法就可以修改连接串的名称.
- 查看连接数量
-
-
wallet分发和备份&防止复制窃取
-
对于wallect的分发和备份,直接从操作系统上拷贝wallect的两个文件即可.
-
防止本机的wallect文件被拷贝到其它机器上(使用master key)
orapki wallet create -wallet /u01/app/oracle/masterKey -pwd "asd892*&*DfhLDF" -auto_login_local
-
-
-
分享🐴🐴: 7xzn
-
分享🐴🐴: 3ug5
-
分享🐴🐴: 9343
-
分享🐴🐴: u7zh
-
分享🐴🐴: ixu2
-
分享🐴🐴: qjk6