Thursday, February 14, 2019

TDE Column Level Encryption in Oracle 12c database (in Oracle E-Business Suite Release 12.2.4) - Part 2

In the previous initial post we understood how to implement the TDE at the column level, the below procedure explains how to rollback the TDE columns from the database.

 =============================================================

Rollback Plan:-

=============================================================
List out all the encrypted columns in the database and decrypt them using below kind of statements.

1. Data Decrypt:-

ALTER TABLE HR.PER_PAY_PROPOSALS MODIFY (PROPOSED_SALARY_N DECRYPT);
............................................
............................................

2. Make sure No encrypted columns exist:-

col owner format a5
column table_name format a30;
column column_name format a30;
column encryption_alg format a25;
select owner,table_name
 , column_name
 , encryption_alg
 from dba_encrypted_columns order by owner;

3. Close the Password-based keystore:-


ADMINISTER KEY MANAGEMENT SET KEYSTORE CLOSE IDENTIFIED BY Password;

 4. Remove the Wallet location from sqlnet.ora (IFILE if its EBS).

 ================================================================
Note:- Hidden Parameter to skip old lost master encryption keys in oracle TDE
ALTER SYSTEM SET "_db_discard_lost_masterkey"=TRUE ;
=================================================================================

at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Oracle RAC node unavailable with error: Server unexpectedly closed network connection6]clsc_connect: (0x251c670) no listener at (ADDRESS=(PROTOCOL=ipc)(KEY=OCSSD_LL_node2_))

 Early midnight I received a call from the monitoring team that one of the critical production database node is not available. As I am aware...