Oracle 参数 EXTERNAL_KEYSTORE_CREDENTIAL_LOCATION 官方解释,作用,如何配置最优化建议
本站中文解释
EXTERNAL_KEYSTORE_CREDENTIAL_LOCATION参数是用来指定在操作系统中保存外部KeyStore凭证文件(Oracle Java Secure Socket Extension(JSSE)工作所需的证书和私钥信息)的路径。
正确设置本参数的方法是:
1. 在Oracle数据库层面上执行ALTER SYSTEM并设置EXTERNAL_KEYSTORE_CREDENTIAL_LOCATION参数:
ALTER SYSTEM SET EXTERNAL_KEYSTORE_CREDENTIAL_LOCATION = ”;
2. 通过SQL*Plus工具将值更新到数据字典中:
ALTER SYSTEM REGISTER;
3. 重启Oracle数据库服务器以应用设置:
SHUTDOWN IMMEDIATE
STARTUP
官方英文解释
EXTERNAL_KEYSTORE_CREDENTIAL_LOCATION specifies the location of the secure external keystore.
| Property | Description |
|---|---|
|
Parameter type |
String |
|
Syntax |
|
|
Default value |
No default value |
|
Modifiable |
No |
|
Modifiable in a PDB |
No |
|
Basic |
No |
|
Oracle RAC |
This parameter can be set on each instance. Oracle recommends that if the instances have a shared location, then use a directory on the shared location for this parameter and set the same value on all Oracle RAC instances. If the database does not have a shared location, then each instance of the database will have its own directory and the value should be set per-instance. |
TDE keystore credentials can be stored in a secure external keystore to automate Transparent Data Encryption (TDE) operations.
To automate the setting of the Master Key in a newly-provisioned PDB, set EXTERNAL_KEYSTORE_CREDENTIAL_LOCATION so that the CDB knows the location of the secure external keystore.
When a file specification is set with this parameter, the secure external keystore is looked for in that location. If the secure external keystore is not found in that location, then this parameter is ignored.
See Also:
Oracle Database Advanced
Security Guide for more information about using TDE
