Transparent Data Encryption (TDE) in 12c and RTFM Carefully


I keep thinking I’m moving forward with this Oracle database 12c stuff, but around every corner there is another surprise. A few days ago I was setting up a demo for Transparent Data Encryption (TDE) in 12c using my existing articles (10g, 11g). That’s when I noticed things had changed, so I had to use an 11g instance for the demo and make a note to revisit TDE for 12c…

On revisiting the subject, I saw that the encryption key management has changed in 12c. What’s more, if you are using the multitenant option it is a bit different again. That resulted in this article.

While I was working through this I was getting some freaky results, which were driving me mad. Whilst trying to figure out that I noticed I had two PDBs of the same name under a single listener. I had created two test instances (cdb1 and cdb2), each with a PDB called “pdb1”. There is a sentence in the docs to say this is not a good idea, which resulted in this little article.

So it turns out that TDE works fine, provided you are not an idiot. 🙂

The moral of the story is RTFM carefully, because sometimes a single sentence can make all the difference!



Author: Tim...

DBA, Developer, Author, Trainer.