ORACLE RMAN ENCRYPTION(WALLET)

xiaoxiao2021-02-28  147

如下这篇文章,主要是做一个简单的rman加密的演示

启用db的加密

RMAN> CONFIGURE ENCRYPTION FOR DATABASE on 2> ; new RMAN configuration parameters: CONFIGURE ENCRYPTION FOR DATABASE ON; new RMAN configuration parameters are successfully stored

查看数据库默认的加密算法

SQL> select * from v$rman_encryption_algorithms; ALGORITHM_ID ALGORITHM_NAME ALGORITHM_DESCR IS_DEFAUL RESTORE_O ------------ --------------- --------------- --------- --------- 1 AES128 AES 128-bit key YES NO 2 AES192 AES 192-bit key NO NO 3 AES256 AES 256-bit key NO NO RMAN> show encryption algorithm; RMAN configuration parameters for database with db_unique_name ORCL are: CONFIGURE ENCRYPTION ALGORITHM 'AES128'; # default

设定密码

RMAN> set encryption on identified by "Oracle123" only; executing command: SET encryption

尝试去备份

RMAN> set decryption identified by "Oracle123"; executing command: SET decryption RMAN> backup database; Starting backup at 11-AUG-17 using channel ORA_DISK_1 using channel ORA_DISK_2 using channel ORA_DISK_3 using channel ORA_DISK_4 using channel ORA_DISK_5 using channel ORA_DISK_6 channel ORA_DISK_1: starting full datafile backup set channel ORA_DISK_1: specifying datafile(s) in backup set ××× ×××× continuing other job steps, job failed will not be re-run RMAN-03009: failure of backup command on ORA_DISK_3 channel at 08/11/2017 12:05:50 ORA-19914: unable to encrypt backup ORA-28365: wallet is not open continuing other job steps, job failed will not be re-run RMAN-00571: =========================================================== RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS =============== RMAN-00571: =========================================================== RMAN-03009: failure of backup command on ORA_DISK_4 channel at 08/11/2017 12:05:50 ORA-19914: unable to encrypt backup ORA-28365: wallet is not open RMAN> ORA-28365: wallet is not open 该错误的解释: [oracle@hdp backupset]$ oerr ora 28365 28365, 0000, "wallet is not open" // *Cause: The security module wallet has not been opened. // *Action: Open the wallet.

去相应目录创建wallet文件夹就可以了

– 创建钱夹

[oracle@hdp orcl]$ mkdir wallet [oracle@hdp orcl]$ pwd /u01/app/oracle/admin/orcl [oracle@hdp orcl]$ ls adump dpdump pfile wallet [oracle@hdp orcl]$ sqlplus / as sysdba SQL*Plus: Release 11.2.0.4.0 Production on Fri Aug 11 12:12:35 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production With the Partitioning, OLAP, Data Mining and Real Application Testing options SQL> ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "Oracle123" 2 ; System altered. SQL> ALTER SYSTEM SET DECRYPTION KEY IDENTIFIED BY "Oracle123"

再次去备份的时候发现可以正常备份了。

然后我们再试着去恢复

RMAN> set decryption identified by "Oracle123"; RMAN> restore database; Starting restore at 11-AUG-17 using target database control file instead of recovery catalog allocated channel: ORA_DISK_1 channel ORA_DISK_1: SID=63 device type=DISK allocated channel: ORA_DISK_2 channel ORA_DISK_2: SID=129 device type=DISK ××× ×××× channel ORA_DISK_3: restoring datafile 00001 to /u01/app/oracle/oradata/orcl/system01.dbf channel ORA_DISK_3: reading from backup piece /u02/backup/ORCL/backupset/2017_08_11/o1_mf_nnndf_TAG20170811T121333_drtcqfq0_.bkp RMAN-00571: =========================================================== RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS =============== RMAN-00571: =========================================================== RMAN-03002: failure of restore command at 08/11/2017 12:19:20 ORA-19870: error while restoring backup piece /u02/backup/ORCL/backupset/2017_08_11/o1_mf_nnndf_TAG20170811T121333_drtcqfsk_.bkp ORA-19913: unable to decrypt backup ORA-28365: wallet is not open RMAN>

原来是wallet没有打开

1* SELECT * FROM V$ENCRYPTION_WALLET SQL> / WRL_TYPE WRL_PARAMETER STATUS ------------------------------------------------------------ --------------- ------------------------------------------------------ file /u01/app/oracle **CLOSED** /admin/orcl/wal let SQL> alter system set wallet open identified by "Oracle123" 2 / System altered. SQL> SELECT * FROM V$ENCRYPTION_WALLET; WRL_TYPE WRL_PARAMETER STATUS ------------------------------------------------------------ --------------- ------------------------------------------------------ file /u01/app/oracle OPEN /admin/orcl/wal let SQL>

打开钱包后的操作,我们才可以继续我们的操作

[oracle@hdp ~]$ rman target/ Recovery Manager: Release 11.2.0.4.0 - Production on Fri Aug 11 12:36:52 2017 Copyright (c) 1982, 2011, Oracle and/or its affiliates. All rights reserved. connected to target database: ORCL (DBID=1477533441, not open) RMAN> restore database; Starting restore at 11-AUG-17 using target database control file instead of recovery catalog allocated channel: ORA_DISK_1 channel ORA_DISK_1: SID=129 device type=DISK allocated channel: ORA_DISK_2 channel ORA_DISK_2: SID=194 device type=DISK allocated channel: ORA_DISK_3 channel ORA_DISK_3: SID=5 device type=DISK ****** [ignore something] ****** channel ORA_DISK_3: piece handle=/u02/backup/ORCL/backupset/2017_08_11/o1_mf_nnndf_TAG20170811T121333_drtcqfq0_.bkp tag=TAG20170811T121333 channel ORA_DISK_3: restored backup piece 1 channel ORA_DISK_3: restore complete, elapsed time: 00:00:15 Finished restore at 11-AUG-17 RMAN> recover database; Starting recover at 11-AUG-17 using channel ORA_DISK_1 using channel ORA_DISK_2 using channel ORA_DISK_3 using channel ORA_DISK_4 using channel ORA_DISK_5 using channel ORA_DISK_6 datafile 4 not processed because file is offline starting media recovery media recovery complete, elapsed time: 00:00:00 Finished recover at 11-AUG-17 RMAN> sql 'alter database open' 2> ; sql statement: alter database open RMAN>
转载请注明原文地址: https://www.6miu.com/read-69532.html

最新回复(0)