== Source ==
  * cdb TSTTDECL
     * with wallet password  : pwdtsttdecl
  * pdb PDB1TDE
     * with wallet password :  pwdpdb1tde    --isolated mode

 \\
== Target ==
  * cdb TARTDECL
     * with wallet password : pwdtartdecl
  * pdb PDBTARTDE 
     * with wallet password : pwdpdbtartde   --isolated

 \\

== 1/ Log in to the source isolated mode PDB PDB1TDE and verify that the wallet is opened ==
<code PLSQL>
SQL> show pdbs

    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------
         3 PDB1TDE                        READ WRITE NO



SQL> SELECT CON_ID, KEYSTORE_MODE,status,wallet_type from gV$ENCRYPTION_WALLET;
    CON_ID KEYSTORE STATUS                         WALLET_TYPE
---------- -------- ------------------------------ --------------------
         3 ISOLATED OPEN                           PASSWORD
</code>         

 \\
== 2/ On target CDB TARTDECL create a database link for the PDB PDB1TDE that you want to clone remotely. ==
<code PLSQL>
SQL> show con_name

CON_NAME
------------------------------
CDB$ROOT

SQL> create database link forclone connect to system identified by ZicZac##4523Pec using '//moros:1521/PDB1TDE.COE.CORP';
Database link created.


SQL> alter session set global_names=false;
Session altered.

SQL> select * from dual@forclone;
D
-
X
SQL>
</code>         

 \\
== 3/ On source cdb give following privilege ==
<code PLSQL>
SQL> show parameter db_un

NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
db_unique_name                       string      TSTTDECL

SQL> grant create pluggable database to system container=all;
Grant succeeded.
</code>  

 \\
== 4/ CREATE PLUGGABLE DATABASE statement with the KEYSTORE IDENTIFIED BY clause to perform the clone of the PDB. ==
<code PLSQL>
alter session set global_names=false;

SQL> show parameter tde

NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
one_step_plugin_for_pdb_with_tde     boolean     FALSE
tde_configuration                    string      KEYSTORE_CONFIGURATION=FILE



SQL> alter system set one_step_plugin_for_pdb_with_tde=true;
System altered.

SQL>  create pluggable database PDB1TDECLNE2 from PDB1TDE@forclone keystore identified by pwdtartdecl;  --with target cdb tde passwd
Pluggable database created.

SQL> alter pluggable database PDB1TDECLNE2 open;
Pluggable database altered.
</code>  

 \\
== 5/ Rekey the master encryption key of the remotely cloned PDB ==
<code PLSQL>
SQL> show pdbs
    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------
         6 PDB1TDECLNE2                   READ WRITE NO

SQL> ADMINISTER KEY MANAGEMENT SET KEY  FORCE KEYSTORE IDENTIFIED BY pwdtartdecl WITH BACKUP USING 'after_clne_key_backup';
keystore altered.
</code>  

 \\
==  6/ Change password for the PDB ==
<code PLSQL>
SQL> show pdbs
    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------
         6 PDB1TDECLNE2                   READ WRITE NO

SQL> ADMINISTER KEY MANAGEMENT ALTER KEYSTORE PASSWORD IDENTIFIED BY pwdtartdecl  SET pwdpdbclne2 WITH BACKUP ;
keystore altered.
</code>  

 \\
== 7/ Create Auto login for the PDB ==
<code PLSQL>
SQL> show pdbs
    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------
         6 PDB1TDECLNE2                   READ WRITE NO

SQL> ADMINISTER KEY MANAGEMENT CREATE AUTO_LOGIN KEYSTORE FROM KEYSTORE  IDENTIFIED BY pwdpdbclne2;
keystore altered.
</code>