Setting up the Oracle environment and the Futurex PKCS #11 Library

if you plan to run oracle database in a docker container, skip this section a later section covers the steps to set up the oracle environment and configure the {{futurex}} pkcs #11 library for container implementation set up oracle database environment the oraenv tool sets up the oracle database environment for the current session and allows the use of the sqlplus command to set the oracle environment, run the commands shown in the following example when prompted, specify the system id (sid) for the instance ( orcl in this example) or use the default value indicated between the brackets in line 4 in the following sample all instances on the system require a unique sid $ su oracle $ cd $ /usr/local/bin/oraenv oracle sid = \[oracle] ? orcl upon success, the command returns the following message the oracle base has been set to /home/oracle/app/oracle set the encryption wallet location the encryption wallet location parameter specifies the location of the oracle wallet you must modify this parameter to specify the use of an hsm in place of the software wallet use the following steps to set the encryption wallet location parameter go to the $oracle home/network/admin directory $ env | grep oracle home oracle home=/home/oracle/app/oracle/product/12 2 0/dbhome 1 $ cd /home/oracle/app/oracle/product/12 2 0/dbhome 1/network/admin open the sqlnet ora file in a text editor if the encryption wallet location parameter is already present, change the method value to hsm if the encryption wallet location parameter is not present, add the parameter as follows encryption wallet location=(source=(method=hsm)) if a directory value is present in the encryption wallet location parameter, do not delete it although the {{vectera}} does not require a directory value, the value specifies the locatation of the old software wallet when migrating to hsm based tde also, the directory value might be required by tools such as the recovery manager ( rman ) to locate the software wallet save and close the file copy the futurex pkcs #11 library to the correct path copy the {{futurex}} pkcs #11 library file ( libfxpkcs11 so ) to the path /opt/oracle/extapi/\[32,64]/hsm/futurex/x x/ where x x is the library version copy the pkcs11manager and fxpkcs11 cfg files into the /etc directory