Security :: Query Regarding Client Side Wallet
Jul 11, 2012
I need few clarifications regarding oracle wallet.
db version: 11.2.0.3.2 (Enterprise Edition)
We have a requirement to run shell scripts calling stored procedures for specific activities, which are run on database server. We do not want to store passwords in shell scripts and decided to use Secure External Password Store for hiding passwords instead of os authentication method. need few clarifications on the below.
1) Currently, we are creating oracle wallet entry on db server and making modifications in sqlnet.ora file accordingly. Is it good to use like this or we should do this only on a client machine?
2) Do we need any licensing to use this option?
3) Any knows issues with using oracle wallet?
4) Can we use orapki for creating oracle wallet instead of mkstore?
5) Any knows issues we face during startup and shutdown of db activities?
View 1 Replies
ADVERTISEMENT
Oct 6, 2012
how to install wallet in Oracle 11g and chek if it is installed? Extra cost is involved for liscencing ?
Does it ask for any option while installing Oracle Software?
View 1 Replies
View Related
Feb 21, 2013
I'm reviewing the method of setting up transparent data encryption (TDE) and the role Oracle Wallet plays in that process. One statement that caught my attention was this statement in the documentation:
Quote:You can also choose to create a local auto login wallet. Local auto login wallets cannot be moved to another computer. They must be used on the host on which they are created." URL....
Why an auto-login wallet can't be moved to another computer? For example, if my Oracle database server goes down and I'm in a recovery situation, would an autologin Oracle wallet file restored from tape not work?
View 3 Replies
View Related
Jul 16, 2013
I successfully created a Oracle Wallet in AIX. The wallet is belong to user "oracle" and permission is 755. I can access it with non-oracle user. Note: the non-oracle user is under the same group as "oracle" id.
But when I try to change the Oracle Waller permission to less than 755, I am not able to access it anymore. The error is "ORA-12578: TNS:wallet open failed".
My question is how can I access the Oracle Wallet without using 755 permission?
View 1 Replies
View Related
Oct 22, 2012
I have TDE enable in system. Now i want to remove wallet from the server and keep another secure place so that it can't be put in wrong hand. Is there any way that i can remove the wallet folder from the server while encryption and decryption on?
View 1 Replies
View Related
Apr 4, 2013
Is there a way to have separate wallets for each windows user? Well, I have found a way, but does not seem to work always properly and that is with %USERNAME% environment variable.
This is how our customer want's to have - so separate wallet for each windows user, how to accomplish this without using %USERNAME%?
View 2 Replies
View Related
Aug 31, 2012
If i have Oracle Wallet installed for a Oracle 10.2 Client, i am able to connect to the database. But , while generations a report , when my oracle report server tries to connect to the DB using Oracle Wallet
(i.e. sqlplus /@<dbname> ) , I am not able to establish a connection.
Is it a compatibility issue ?
Following is the parameter i am passing.
$ORACLE_HOME/bin/rwclient.sh server="$REPORT_SERVER" REPORT="$RDF_FILE" DESTYPE=FILE DESNAME="$PDF_FILE" DESFORMAT=PDF BATCH=YES USERID= /@"$ORACLE_SID"
View 0 Replies
View Related
Jun 19, 2013
I am getting error "ora-28374 typed master key not found in wallet".
steps-
1) created tablespace and user to the respective tablespace.
2) created table by issuing command as "CREATE TABLE TEST1 (SR_NO NUMBER(3), NAME VARCHAR2(30) ENCRYPT) DEFAULT TABLESPACE ENC". (by user - enc_user)
3) Inserted rows on to the table.
4) entry made in sqlnet.ora as
ENCRYPTION_WALLET_LOCATION=
(SOURCE=(METHOD=FILE)(METHOD_DATA=
(DIRECTORY=C:appAdministratoradmin estencrypted_wallet/)))
5) issued command as sysdba - ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "ASHISH123";
6) restarted the database.
7) since i want to made it autologin. so I open wallet through the below mentioned path program file >>oracle_home>> integrated management tool >> wallet But when it asked the password I typed the same password but it was not accepting. So i made new wallet with the same specified path. Also I clicked on auto login.
8) Now, i have restarted the database and tried to issue the command "ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "suresh123";
While issuing the command, getting error "ora-28374 typed master key not found in wallet". "
i tried with the recreation of new folder again on the same path as -"C:appAdministratoradmin estwallet" and same entry updated on sqlnet.ora. But facing the same error.
Is there any way to re-create or modify the encryption of tablespace?
View 5 Replies
View Related
Apr 14, 2011
I'm trying to hide the password for the batch programs that connect to the DB Server
as Cadot pointed out in
[URL].........
Quote:
use secure external password store
with reference to
[URL].........
when I create wallet, the system does not prompt me for password
C:>mkstore -wrl "C:ora102NETWORKADMIN" -create
when creating login credentials, again the system never prompts me for password
C:>mkstore -wrl "C:ora102NETWORKADMIN" -createCredential db10g scott tiger
here's my sqlnet.ora configurations
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY =C:ora102NETWORKADMIN)
)
)
SQLNET.WALLET_OVERRIDE = TRUE
SSL_CLIENT_AUTHENTICATION = FALSESSL_VERSION = 0
here's my tnsname.ora settings
DB10G =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = mike)
)
)
here's the outcome
C:Documents and SettingsAdministrator>sqlplus /@db10g
SQL*Plus: Release 10.2.0.4.0 - Production on Wed Apr 13 22:53:06 2011
Copyright (c) 1982, 2007, Oracle. All Rights Reserved.
ERROR:
ORA-12534: TNS:operation not supported
Enter user-name:
so I Google around for the solution to the ORA-12534 error, one of the site,
[URL].......
here's my lsnrctl services
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
Services Summary...
Service "MIKEXDB" has 1 instance(s).
Instance "mike", status READY, has 1 handler(s) for this service...
Handler(s):
[code].....
The command completed successfully
right now I think I will be a fool to think that the solution is to resolve the ERROR: ORA-12514: TNS:listener does not currently know of service requested in connect descriptor. so what is wrong with my setup, or is it some patch that I need to apply?
View 9 Replies
View Related
Dec 14, 2012
My database is 11.1.0.7 and 11.2.0.3 with TDE tablespace encryption, ASM db storage. The wallet needs to be opened for MRP to work in physical standby database. I already have the solution for the primary instances to automate wallet open (e.g. using startup trigger for 11.1.0.7). However, I cannot find solution to automate wallet open operation in standby instances (to issue ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY ""').
Manual operation everytime standby instance is started is not feasible.
View 1 Replies
View Related
Dec 8, 2005
I have inherited a query that union alls 2 select statements, I added a further field to one of the select statements ( a date field). However I need to add another dummy field to the 2nd select statement so the union query marries up I have tried to do this by simply adding a
select
'date_on'
to add a field called date on populated by 'date_on' (the name of the column in the first query)
however when I run the union query i get the error Ora-01790 expression must have same datatype as corresponding expression.
View 6 Replies
View Related
May 10, 2010
How i can run adobe acrobat in the client side and maximize it ?
Note: i am using oracle 10g.
View 8 Replies
View Related
Sep 12, 2012
We are on oracle 11.2.0.2 on Solaris 10. I dont have acces to the db server but connect to the db from the client side using sqlplus. though I have dba privilege (at oracle level) but no access to db server at os level. I also dont have access to enterprise manager console where such information is available.
I want to set up monitoring so that I can get a mail when the space falls below some threshold like say tablespace is 90% full. Is it possible to get mail from pl/sql script for example?
View 1 Replies
View Related
Jan 2, 2011
i have installed oracle 10g on linux system. and i am using xp as a client when i use this
cmd>conn scott/tiger@database at client side i receive ora-12560 error
while my database is up and listener and tnsping also working at server side.
View 3 Replies
View Related
Jan 12, 2011
I am getting below error while tnsping from client
C:Program FilesMicrosoft Visual Studio 9.0VC>tnsping xpcdev
TNS Ping Utility for 32-bit Windows: Version 10.2.0.1.0 - Production on 12-JAN-2011 21:35:03
Copyright (c) 1997, 2005, Oracle. All rights reserved.
Used parameter files:
Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.6.102)(PORT = 1524))) (C
xpcdev)))
TNS-12537: TNS:connection closed
on server side listener is up also I am able to tnsping without any error.
contents from sqlnet.ora
Quote:NAMES.DIRECTORY_PATH=(TNSNAMES, ONAMES, HOSTNAME)
SQLNET.EXPIRE_TIME= 10i
I am getting below error on listener log file
Quote:12-JAN-2011 10:04:56 * 12546
TNS-12546: TNS:permission denied
TNS-12560: TNS:protocol adapter error
TNS-00516: Permission denied
View 9 Replies
View Related
Mar 17, 2013
I am on 11.2.0.1. I created wallet with
orapki wallet create -wallet "C:Oracleserver11201productdbhomeNETWORKADMIN" -pwd <password> -auto_login_local
How do I remover it now? Wallet manager doesn't list it.
View 2 Replies
View Related
Jul 11, 2012
I want to create a wallet on RAC setup.I have two node setup.I have created the wallet directory under shared folder /u01/oradata/$ORACLE_SID/wallet
I am Unable to open wallet.I tried this using the below command
SQL> alter system set encryption key identified by "aryabhat";
alter system set encryption key identified by "aryabhat"
*
ERROR at line 1:
ORA-28353: failed to open wallet
Following is the content of sqlnet.ora file
(path : /u01/app/11.2.0/grid/network/admin/sqlnet.ora)
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
ADR_BASE = /u01/app/oracle
ENCRYPTION_WALLET_LOCATION =
(SOURCE = (METHOD = FILE)(METHOD_DATA =
(DIRECTORY = /u01/oradata/$ORACLE_SID/wallet/)))
View 3 Replies
View Related
Mar 8, 2012
Here i am displaying the multiplication tables by given number...the problem is the tables are displaying one after another...i need to print it by side by side like..
1*1=1 2*1=2 3*1=3
` ` `
` ` `
` ` `
1*10=10 2*10=20 3*10=30
....
the written code is
declare
a number:=1;
[Code]....
View 9 Replies
View Related
Apr 4, 2013
sqlplus experts,
How do I update Table2(idno) with values of Table1(idno)? By the way there are other columns which i do not want to be touched. This is just to create a match parent-child table test data.
Example:
Table1
idno
===
100
101
102
103
Table2
idno
===
any no
any no
any no
any no
I want all idno values in Table2 to be identical with Table1. It can be any order as long as the value is 1 to 1. I just want it populated for test data purposes.
View 28 Replies
View Related
Sep 12, 2013
We have developed an application for our clients,planning to deploy it in client server soon. we have plans to support the application in future,so we want to restrict the clients from any modifications. By Doubt is, 'build_status=Run only' alone,cannot protect our application from client developers to edit our application,
Because though we install our application as 'Run Only' at the time of installation in client instance,we can still import the original application and change the type to 'Build and Run Application',and run the new application as 'Build and Run'.(which is not supposed to) we want to make sure,if there is any way we can protect our application from modifications after client side installation.
View 1 Replies
View Related
Apr 13, 2010
Oracle developer suite 10g i am installing 10 developer in server can you explain me how to run client side forms and report web-throw witch address i tel him to client.
View 2 Replies
View Related
Jun 4, 2010
We have an application that fetches and writes data into oracle database through pro c. oracle datyabase is on another server.
We are storing some secure information into oracle database so we want to encrypt the data sent by our aplication into oracle database.We do not want to use SSL(i.e certificates) and also do not want to make use of Advance Security Option available in oracle and also do not want to make any changes in sqlnet.ora file on server side.
achieve encryption of traffic between our application and Oracle database?
View 13 Replies
View Related
Feb 25, 2011
I would like get select,insert,update commands in particular text file for my one of the schema. if i am enabling audit_trail=os in init.ora and issue
AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE BY SCOTT;
Should i get above statements in text file.
Actually I would like to get all the select,insert,update statements for my particular schema. is there any way to get it from instance or log. is it possible without audit_trail?
View 23 Replies
View Related
Jun 2, 2009
Where are the server side procedures are stored? Where are the server side procedures are visible??
View 5 Replies
View Related
Sep 28, 2012
how to upgrade Oracle SERVER jvm version
View 2 Replies
View Related
Sep 29, 2010
what steps I am missing or provide a work-around?
1) cat sqlnet.ora
NAMES.DIRECTORY_PATH=(TNSNAMES)
WALLET_LOCATION =
(SOURCE =
[code]...
2) mkdir /u01/app/oracle/secure
ls -ld /u01/app/oracle/secure
drwxr-sr-x 2 oracle dba 512 Sep 28 17:04 /u01/app/oracle/secure
lsnrctl stop
lsnrctl start
3) sqlplus 'sys/sys as sysdba'
SQL*Plus: Release 11.2.0.1.0 Production on Tue Sep 28 17:07:53 2010
SQL> ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "DeciPher";
ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "DeciPher"
*
ERROR at line 1:
ORA-28374: typed master key not found in wallet
View 8 Replies
View Related
Oct 28, 2010
I've configure TAF and Load Banalcing, both of server side some days ago. And now, I find Node 2 is accessed more than node 1. I upload some images here, anything you need to clarify information more, I can give.
Node 2 is often at 40%-55%, some time to 77%.
Node 1 is often 5-12%
Service TAF was configured
Show TAF service by crs
The remote listener
Were I wrong?
View 10 Replies
View Related
Oct 8, 2013
I am trying to use oracle wallet with the new odp.net managed driver, but I am getting
"invalid username/password".
As the wallet itself is ok (it works with the unmanaged client), seems to me that this new provider is not fully compatible with Oracle Wallet. Is this true? I am trying this:
<oracle.manageddataaccess.client> <version number="*"> <settings> <setting name="tns_admin" value="D:oracleproduct11.2.0client_1
etworkadmin" /> <setting name="WALLET_LOCATION" value="D:oraclewallets" /> </settings> </version> </oracle.manageddataaccess.client>
View 9 Replies
View Related
Jan 22, 2013
I have created a wallet (11g R2 OEL 5.5) using the OWM.Tried opening the wallet (encryption_wallet_location set in sqlnet.ora). then while creating a table it said the master encryption key is not present. Have created the master key using the following command.
alter system set encryption key identified by "Password";
Here the strange thing i observed is that when we create a wallet using the OWM, it asks for the password and when i open the same wallet the master key is not created and it allows the master key to be generated with the same password that i have created the wallet in the first place with the OWM, with any other passwords it says that the wallet is not open.
After creating the wallet and creating the master key... I have the following questions, and its becoming quite hard to find the solutions as well.
1. Can we have multiple encryption keys... say i want to encrypt a table or column with one key and other with an another key.
2. How many keys can we have for objects in the table? or can we have only one key and many certificates.
3. wallet created, and encrypted tables present, the wallet is not in auto open mode, but somehow the database open after it is shutdown, here no encrypted tablespaces are present.
4. while creating an encrypted tablespace the default storage (encrypt ) has to be added to the add tablespace clause.
View 2 Replies
View Related
Feb 22, 2011
Is there any possibilites to remove the symbol '*' only from LEFT or RIGHT side, instead BOTH the side.
select '>' || trim (both '*' from '***removing stars at both sides***') || '<' "Stars removed" from dual;
View 4 Replies
View Related
