Wallet_Type Shows “UNKNOWN” for all PDBs After Changing Wallet Password on ExaCC

Manoj Kumar Jun 22, 2023 6:00:00 AM

Wallet_Type Shows “UNKNOWN” for all PDBs After Changing Wallet Password on ExaCC – Eclipsys

2:35

May 2, 2023 7:45:00 AM

Changing SYS Password, Wallet Password, TDE Keystore Password, and SYS Password in Oracle Wallet – Eclipsys

Jun 14, 2023 10:00:00 AM

“TDE Keystore Password is Not Valid” When Cloning a PDB After Changing Wallet Password on EXACC – Eclipsys

Jun 1, 2023 12:00:00 PM

Modifying SYS and Wallet Password on ExaCC Bypassing Password Verify Function – Eclipsys

Recently I changed the sys and wallet password of CDB using this nice blog from my friend Kwame Bonsu.

Modify sys and wallet password on EXACC

After changing the sys and wallet password, when I checked the wallet status for all containers, I found that wallet_type is UNKNOWN for all PDBs.

SQL> set linesize 200
SQL> col wallet_dir for a50
SQL> col status for a21
SQL> select con_id, status, wrl_parameter wallet_dir, wallet_type from v$encryption_wallet;

    CON_ID STATUS                WALLET_DIR                                         WALLET_TYPE
---------- --------------------- -------------------------------------------------- --------------------
         1 OPEN                  /var/opt/oracle/dbaas_acfs/CDB1/wallet_root/tde/   AUTOLOGIN
         2 OPEN                                                                     AUTOLOGIN
         5 OPEN                                                                     UNKNOWN
         6 OPEN                                                                     UNKNOWN
         7 OPEN                                                                     UNKNOWN

The Wallet type should be AUTOLOGIN for all PDBSs.

CAUSE: This is happening because we used mkstore utility to modify wallet credentials.

Solution: 1. Disable auto-login by renaming the .sso file

[oracle@hostname tde]$ mv cwallet.sso cwallet.sso.bkp

2. Close auto-login keystore

SQL> alter system set wallet close;

System altered.

SQL> select con_id, status, wrl_parameter wallet_dir, wallet_type from v$encryption_wallet;

    CON_ID STATUS                WALLET_DIR                                         WALLET_TYPE
---------- --------------------- -------------------------------------------------- --------------------
         1 CLOSED                /var/opt/oracle/dbaas_acfs/CDB1/wallet_root/tde/   UNKNOWN
         2 CLOSED                                                                   UNKNOWN
         5 CLOSED                                                                   UNKNOWN
         6 CLOSED                                                                   UNKNOWN
         7 CLOSED                                                                   UNKNOWN

3. Open Password Protected Wallet

SQL> administer key management set keystore open identified by wallet_password;

keystore altered.

4. Re-enable Autologin Keystore

SQL> administer key management create auto_login keystore from keystore identified by wallet_password;

keystore altered.

5. Close the password-protected wallet. (Since we have recreated the auto-login wallet back, we can close the password-protected keystore to implicitly enable the auto-login wallet.)

SQL> administer key management set keystore close identified by wallet_password;

keystore altered.

6. Now verify if the wallet type is autologin or not

SQL> select con_id, status, wrl_parameter wallet_dir, wallet_type from v$encryption_wallet;

    CON_ID STATUS                WALLET_DIR                                         WALLET_TYPE
---------- --------------------- -------------------------------------------------- --------------------
         1 OPEN                  /var/opt/oracle/dbaas_acfs/CDB1/wallet_root/tde/   AUTOLOGIN
         2 OPEN                                                                     AUTOLOGIN
         5 OPEN                                                                     AUTOLOGIN
         6 OPEN                                                                     AUTOLOGIN
         7 OPEN                                                                     AUTOLOGIN

And it’s BACK! wallet_type shows AUTOLOGIN for all PDBs now.

ExaCC

May 2, 2023 7:45:00 AM

Changing SYS Password, Wallet Password, TDE Keystore Password, and SYS Password in Oracle Wallet – Eclipsys

Jun 14, 2023 10:00:00 AM

“TDE Keystore Password is Not Valid” When Cloning a PDB After Changing Wallet Password on EXACC – Eclipsys

Jun 1, 2023 12:00:00 PM

Modifying SYS and Wallet Password on ExaCC Bypassing Password Verify Function – Eclipsys

Microsoft Azure Administrator Associate (AZ-104) Certification Takeaways

ODA: Virtualized – Database Upgrade (OAKCLI)

Oracle Managed Services

Oracle Engineered Systems

Oracle Cloud

Oracle Licensing

Development Services

Oracle Database

Oracle Systems Portfolio

Application Services

Other Data Services

Eclipsys Joins A Brand With Multi-National Reach Following Acquisition By DSP UK

Resources

Life at Eclipsys

Getting to know us

Wallet_Type Shows “UNKNOWN” for all PDBs After Changing Wallet Password on ExaCC

Contents

Leave a Comment