oracle wallet 사용하기
1) test 유저 생성
create user test identified by "Passw0rd";
grant connect to test;
2) wallet 용 tns alias 추가
cd $ORACLE_HOME/network/admin
vi tnsnames.ora
WAL_TEST =
(DESCRIPTION=
(ADDRESS_LIST=
(ADDRESS=(PROTOCOL=TCP)(HOST=xxx.xx.xx.xxx)(PORT=1521))
)
(CONNECT_DATE=
(SERVICE_NAME=DFS)(SERVER=DEDICATED)
)
)
3) conn script
cd /home/oracle/
-- vi p_test.sql
conn test/"Passw0rd" @WAL_TEST
show user;
select count(*) from all_objects;
exit;
-- vi np_test.sql
conn /@WAL_TEST
show user;
select count(*) from all_objects;
exit;
4) make wallet
-- wallet 저장 디렉토리 생성
mkdir $ORACLE_HOME/network/admin/wallet
-- wallet 생성, wallet 패스워드 입력
orapki wallet create -wallet "wallet 디렉토리" -auto_login_local
-- credential 생성, alias, 계정/비번 wallet 패스워드 입력
mkstore -wrl "wallet 디렉토리" -createCredential WAL_TEST test Passw0rd
=> wallet 비밀번호 입력
-- sqlnet.ora 에 wallet dir 추가
cd $ORACLE_HOME/network/admin
vi sqlnet.ora
WALLET_LOCATION=
(SOURCE=
(METHOD=FILE)
(METHOD_DATA=
(DIRECTORY= "wallet 디렉토리")
))
SQLNET.WALLET_OVERRIDE = TRUE
SSL_CLIENT_AUTHENTICATION = FALSE
SSL_VERSION = 0
5) 실행
cd /home/oracle/
ss
@p_test
@np_test
-- ### wallet 관리 #######
select *
from v$encryption_wallet
;
-- credential list 확인
mkstore -wrl "wallet 디렉토리" -listCredential
-- credential list 삭제
mkstore -wrl "wallet 디렉토리" -deleteCredential WAL_TEST
-- credential 비번 수정
mkstore -wrl "wallet 디렉토리" -modifyCredential WAL_TEST test pass1234
-- wallet 비번 수정
orapki wallet change_pwd -wallet "wallet 디렉토리" -oldpwd "Passw0rd" -newpwd "oracle123"
-- wallet 삭제
rm *wallet*