Integrating Oracle Database 12c Transparent Data Encryption (TDE) with the Vectera Plus requires the Futurex PKCS #11 (FXPKCS11) library. After configuring it, you can store the Master Encryption Key (MEK) used for TDE within the confines of a FIPS 140-2 Level 3-validated HSM (such as the Vectera Plus), adding a layer of protection for data at rest. The Master Encryption Key encrypts the Oracle Table Keys, which encrypt or decrypt columns or tablespaces locally in the database. Each table has its own table key. From the client application perspective, the encryption and decryption process is transparent, so you don’t need to change the existing application. We recommend that the connection between the Futurex PKCS #11 library and the Vectera Plus be a mutually authenticated TLS connection, but we aslo support server-side authentication.Documentation Index
Fetch the complete documentation index at: https://docs.futurex.com/llms.txt
Use this file to discover all available pages before exploring further.
The instructions for configuring the Futurex PKCS #11 library with Oracle Database running in a Docker container cover mutual authentication using only TLS certificates.