In this Document
Goal
Solution
References
APPLIES TO:
Advanced Networking Option - Version 12.2.0.1 and later
Information in this document applies to any platform.
GOAL
Is it possible to perform a database restore/recover if the TDE wallet has been lost or corrupted?
SOLUTION
No. In order to restore a backup with encrypted data, the correct TDE wallet file must be available, else the restore/recover cannot be done.
If all copies of the current ewallet.p12 file (the encryption wallet or TDE wallet, used to stored the master encryption keys needed by the database) are lost -- whether deleted or corrupted -- then the database cannot be restored. Oracle Support cannot assist in restoring the database if the correct TDE wallet is missing.
The wallet password is not the same as the database master key. Knowing the password will not help, because this is only used to open the ewallet.p12 file.
The ewallet.p12 file is a critical component of the database's ability to function when TDE has been implemented. There is no way to substitute another wallet, or decrypt the data, without having the correct TDE wallet file.
Treat the ewallet.p12 file accordingly, and make sure to protect it against loss.