Case 1.When wallet is NOT auto-login
I dont think anything can be done
Case 2.When wallet is auto-login
Tablespace encryption:Get the list of encrypted tablespaces
I dont think anything can be done
Case 2.When wallet is auto-login
Column Encryption : get the list of columns which are encrypted.
select * from DBA_ENCRYPTED_COLUMNS;
select * from DBA_ENCRYPTED_COLUMNS;
- remove the ENCRYPT attribute of these columns
- move these tables out of encrypted tablespace
Tablespace encryption:Get the list of encrypted tablespaces
SQL> select TABLESPACE_NAME, status from dba_tablespaces where encrypted = 'YES';
TABLESPACE_NAME STATUS
------------------------------ ---------
ENCRYPTED_TS ONLINE
ENCRYPTED_TS2 ONLINE
ENCRYPTED_TS3 ONLINE
2. Move the content of these tablespace to other tablespaces
TABLESPACE_NAME STATUS
------------------------------ ---------
ENCRYPTED_TS ONLINE
ENCRYPTED_TS2 ONLINE
ENCRYPTED_TS3 ONLINE
2. Move the content of these tablespace to other tablespaces
SQL> select segment_name , owner, segment_type,TABLESPACE_NAME from dba_segments where tablespace_name in (select TABLESPACE_NAME from dba_tablespaces where encrypted = 'YES');
3. drop the encrypted tablespaces
SQL> drop tablespace ENCRYPTED_TS;
Tablespace dropped.
SQL> drop tablespace ENCRYPTED_TS2;
Tablespace dropped.
SQL> drop tablespace ENCRYPTED_TS3;
Tablespace dropped.
4. Remove the wallet
==> chattr -i ewallet.p12
==> chattr -i cwallet.sso
==> rm -rf wallet
==> lsnrctl status
4. perform a full log switch rotation
5. regenerate a new wallet
6. encrypt the previously encrypted data again
3. drop the encrypted tablespaces
SQL> drop tablespace ENCRYPTED_TS;
Tablespace dropped.
SQL> drop tablespace ENCRYPTED_TS2;
Tablespace dropped.
SQL> drop tablespace ENCRYPTED_TS3;
Tablespace dropped.
4. Remove the wallet
==> chattr -i ewallet.p12
==> chattr -i cwallet.sso
==> rm -rf wallet
==> lsnrctl status
4. perform a full log switch rotation
5. regenerate a new wallet
6. encrypt the previously encrypted data again
No comments:
Post a Comment