meta données pour cette page
  •  

Ceci est une ancienne révision du document !

Source
  • cdb TSTTDECL
    • with wallet password : pwdtsttdecl
  • pdb PDB1TDE
    • with wallet password : pwdpdb1tde –isolated mode


Target
  • cdb TARTDECL
    • with wallet password : pwdtartdecl
  • pdb PDBTARTDE
    • with wallet password : pwdpdbtartde –isolated


1/ Log in to the source isolated mode PDB PDB1TDE and verify that the wallet is opened
SQL> show pdbs
 
    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------
         3 PDB1TDE                        READ WRITE NO
 
 
 
SQL> SELECT CON_ID, KEYSTORE_MODE,status,wallet_type FROM gV$ENCRYPTION_WALLET;
    CON_ID KEYSTORE STATUS                         WALLET_TYPE
---------- -------- ------------------------------ --------------------
         3 ISOLATED OPEN                           PASSWORD


SQL> show con_name
 
CON_NAME
------------------------------
CDB$ROOT
 
SQL> CREATE database link forclone CONNECT TO system identified BY ZicZac##4523Pec using '//moros:1521/PDB1TDE.COE.CORP';
Database link created.
 
 
SQL> ALTER session SET global_names=FALSE;
Session altered.
 
SQL> SELECT * FROM dual@forclone;
D
-
X
SQL>


3/ On source cdb give following privilege
SQL> show parameter db_un
 
NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
db_unique_name                       string      TSTTDECL
 
SQL> grant CREATE pluggable database TO system container=ALL;
Grant succeeded.
4/ CREATE PLUGGABLE DATABASE statement with the KEYSTORE IDENTIFIED BY clause to perform the clone of the PDB.
ALTER session SET global_names=FALSE;
 
SQL> show parameter tde
 
NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
one_step_plugin_for_pdb_with_tde     BOOLEAN     FALSE
tde_configuration                    string      KEYSTORE_CONFIGURATION=FILE
 
 
 
SQL> ALTER system SET one_step_plugin_for_pdb_with_tde=TRUE;
System altered.
 
SQL>  CREATE pluggable database PDB1TDECLNE2 FROM PDB1TDE@forclone keystore identified BY pwdtartdecl;  --with target cdb tde passwd
Pluggable database created.
 
SQL> ALTER pluggable database PDB1TDECLNE2 OPEN;
Pluggable database altered.
5/ Rekey the master encryption key of the remotely cloned PDB
SQL> show pdbs
    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------
         6 PDB1TDECLNE2                   READ WRITE NO
 
SQL> ADMINISTER KEY MANAGEMENT SET KEY  FORCE KEYSTORE IDENTIFIED BY pwdtartdecl WITH BACKUP USING 'after_clne_key_backup';
keystore altered.
6/ Change password for the PDB
SQL> show pdbs
    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------
         6 PDB1TDECLNE2                   READ WRITE NO
 
SQL> ADMINISTER KEY MANAGEMENT ALTER KEYSTORE PASSWORD IDENTIFIED BY pwdtartdecl  SET pwdpdbclne2 WITH BACKUP ;
keystore altered.
7/ Create Auto login for the PDB
SQL> show pdbs
    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------
         6 PDB1TDECLNE2                   READ WRITE NO
 
SQL> ADMINISTER KEY MANAGEMENT CREATE AUTO_LOGIN KEYSTORE FROM KEYSTORE  IDENTIFIED BY pwdpdbclne2;
keystore altered.