Oracle Kye-vault Installation (Version 21.4 ) ( Chapter -I )

-

Interesting story behind this: I have received a customer requirement for a DBA position, and the main criteria was: the DBA must know oracle key vault, for their security solution project. I have received around 25/30 resumes where everyone has written, they know Oracle key-vault. While interviewing, someone saying it's a security file 😆, someone saying it's a parameter that exists since 12c on-words 😀, others saying it's a tool like oracle wallet & TDE 😟. Everyone disappointed me, although it's just a matter of little more detail reading of  (https://docs.oracle.com/en/database/oracle/key-vault/21.4/).  So thought of writing this blog and share it across for quick understanding. 

Note: I have done this installation/deployment of  appliance image in my VM ware server. Created a 300Gigs vm with 8 GB of RAM & 2 vCPUs, and deployed it. Very simple. 

Oracle Kye-vault is a security solution soft appliance from Oracle. It comes as an ISO image from edelivery website. It also comes with a complete image of the machine OS (OEL7) with DB inbuilt in it & the application already preinstalled. All security rules from DB to network & OS are pre-hardened. You can't modify them.

It provides a secure, central repository for security objects, such as keys, certificates, passwords, and opaque objects. As an enterprise key management platform, Oracle Key Vault provides a central platform to manage these security objects and their lifecycle.

Although it is a hardware appliance, you can pretty much simulate it by your own using oracle provided ISO in your own vm.

I will show you how to create your own appliance using Oracle key-vault, (step by step), & will explain below points in multiple chapters.

  •     Download options
  •     Installation
  •     Configuration  
  •     Administration.
  •     Experienced Tips.

Software can be downloaded from oracle’s e-delivery site.
 (https://edelivery.oracle.com)






The OS comes with the ISO is OEL-7 (17GB). So make sure, your vm configuration is compatible with OEL7 only.

Below are the rest of Hardware configurations.



Map the ISO to VM disk drive & boot from there.


4

OPPS!! I stuck in this error for an hour 😟, but my 2 expert friends helped to resolve this. Below are the solution steps.

Special thanks to "Sandip & Kanhu". 😊  

Solution:

Open the Host Client, and log in to the ESXi.

 Locate the Windows Server 2016 virtual machine for which you are enabling the disk UUID attribute, and power off the virtual machine.

 After power-off, right-click the virtual machine, and choose Edit Settings.

  •        Click VM Options tab, and select Advanced.
  •        Click Edit Configuration in Configuration Parameters.
  •        Click Add parameter.
  •        In the Key column, type disk.EnableUUID.
  •        In the Value column, type TRUE.
  •        Click OK and click Save.

Power on the virtual machine













Now I restated the installation again. This time totally cool.. no errors at all.



11


12


13

Put a new password here & Save the password here for direct login.

14

15


16


This is my IP address, you can choose from your own available IPs. 




18


19


20


21

22


 

23


24

25

All done. ! Good Job. 

The total installation took around 5 hours for me. But Oracle says it should be in 30 mins. May be my hardware resources are not enough to speed it up. 

Now put the above created password for login. 

Now you can use the URL to lunch your Key vault UI console.
https://192.168.1.66/ (Like this). 
Note: it is SSL enabled already. 
You need to enter your previously created root password. 

Note: You will get a chance only once to do the post installation, so carefully save all the passwords. 



Post installation Task:




Save the passwords, else it will very hard to restore.

After 1st login you again need to change it.




Save your password carefully.


This is the final screen of your 1st login. I have logged in using sysadmin. 


Chapter -2: (Configuration) .... continues !!

In the next chapter I will explain difference between sysadmin Vs keyadmin & will configure endpoints.  








Comments

Post a Comment

Popular posts from this blog

R12.2 Log file locations

-
Few Logfile location on EBS R12.2.X Admin server   -   $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/AdminServer/logs/AdminServer.log oacore logfile  -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oacore_server1/logs/oacore_server1.log oacore out file  -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oacore_server1/logs/oacore_server1.out oacore diagnostic log -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oacore_server1/logs/oacore_server1-diagnostic.log oafm logfile -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oafm_server1/logs/oafm_server1.log oafm outfile -  $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oafm_server1/logs/oafm_server1.out oafm diagnostic log  - $FMW_HOME/user_projects/domains/EBS_domain_$TWO_TASK/servers/oafm_server1/logs/oafm_server1-diagnostic.log form server log  - $FMW_HOME/user_projects/domain...
Read more

Cloning

-
Apps 11i Multinode to single node To see if your environment is ready for the Cloning with Rapid Clone, please check the Metalink Note   230672.1. NOTE: The initial system has ONE APPL_TOP on one node (apps.localdomain) and the DB tier on another node (db.localdomain).     These easy to follow steps will allow you to move or clone Oracle applications from one location to another. This can be essential when moving from a multi-node system to single-node system. It may seem complex, but by approaching such a task one stage at a time it will become much easier under understand this technical process. 1.   Maintain Snapshot information (on the APPS node)     adadmin -> 2. Maintain Applications Files menu -> 5. Maintain snapshot information -> 2. Update current view snapshot 2. Prepare the source system database tier for cloning       cd <RDBMS ORACLE_HOME>/appsutil/scripts/<CONTEXT_NAME...
Read more