TDE

Shell Script to verify and start database, listener and wallet

Posted on July 11, 2008. Filed under: DBA/Admin Tips, RAC, Scripts, TDE | Tags: , |

If Wallet is being used on your RAC or Single Node environment, opening the wallet after starting the database is very critical, failing which users trying to access encrypted data will get ORA-28365: wallet is not open error.

Things to remember while maintaining a wallet on a RAC and Single Node environment

1. The wallet password is case sensitive

2. Wallet should be opened on both the instances. Click here for more information on this.

We had the situation of not opening the wallet after starting the database which resulted in lot of access issues. To overcome this i wrote this script to verify and start the listeners, databases (Single Node and RAC) and Wallet.

Heres what the script does:

1. If opted for RAC option, the script will gather the rac information (nodes), cluster status – if down exit, listener status – if down, start, database/instance status – if down start and finaly wallet – if not open, open it.

2. If option for Single Node option, the script will perform all the steps as mentioned in Option 1 except for nodes and cluster.

You can also use this script to open just the wallets.

Heres a sample of the help message:

Usage : startdbwall.sh [-h|-t|-o] [R|S|W|RW] [-p] <walletpwd>

Example :
1. To Display this help message
startdbwall.sh -h

2. To Start RAC DB and to Open Wallet
startdbwall.sh -t R

3. To Start Single Node DB and to Open Wallet
startdbwall.sh -t S

4. To Open just the Wallet in single DB mode
startdbwall.sh -o W

5. To Open just the Wallet in RAC DB mode
startdbwall.sh -o RW

6. To Open just the Wallet with password (CASE SENSITIVE)
startdbwall.sh -o W -p <walletpwd>

Download script here. startdbwallsh

cheers,
OraclePitStop

Advertisements
Read Full Post | Make a Comment ( 1 so far )

RAC and Wallet

Posted on July 10, 2008. Filed under: Database, DBA/Admin Tips, RAC, TDE | Tags: , |

Is it ok to open the wallet on only one instance in a 2 Node or multi node RAC Architecture?

The answer is NO. You can open the wallet only on one instance(RAC1), but any user who gets connected to the other instance (RAC2), will get the error message ORA-28365: wallet is not open, if they try to access encrypted columns.

As of now, opening and closing of the database wallet is instance specific, even if you place the wallet file in a common location which is accessible to both the instances.

So if you had implemented wallet on a RAC setup, make sure you open the wallet on all individual instances.

You can also use this link to download a script which does this automatically for you.

cheers,
OraclePitStop

Read Full Post | Make a Comment ( 1 so far )

Liked it here?
Why not try sites on the blogroll...