环境:
oracle 11.2.0.4
OS AIX 7.2
设置数据文件加密
--配置sqlnet文件
cd $ORACLE_HOME/network/admin
vi sqlnet.ora
添加内容如下:
ENCRYPTION_WALLET_LOCATION =
(SOURCE = (METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /oracle/app/oracle/admin/TDE/orcl)
)
)
--创建加密文件
mkdir -p /oracle/app/oracle/admin/TDE/orcl
--创建加密秘钥
ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "Oracle123";
--加密设置
orapki wallet create -wallet /oracle/app/oracle/admin/TDE/orcl -auto_login
--安装offline加密补丁
cd $ORACLE_HOME
mv OPatch OPatch_bak
unzip /oracle/software/p6880880_112000_AIX64-5L.zip
cd /oracle/software
unzip p23315889_112040_AIX64-5L.zip
cd 23315889
$ORACLE_HOME/OPatch/opatch apply
--数据文件加密
mount状态下修改数据文件加密。
ALTER DATABASE DATAFILE '+DATA/orcl/datafile/encrypt.605.1051285915' ENCRYPT;
ALTER DATABASE DATAFILE '+DATA/orcl/datafile/encrypt.606.1051286095' ENCRYPT;
ALTER DATABASE DATAFILE '+DATA/orcl/datafile/encrypt.607.1051286173' ENCRYPT;
数据库在open状态下加密报错如下:
ERROR at line 1:
ORA-28440: Message 28440 not found; product=RDBMS; facility=ORA
; arguments: [326]
ORA-01110: data file 326: '+DATA/orcl/datafile/encrypt.605.1051285915'