Configuring Cryptographic Security Platform Vault for Oracle TDE

This section explains how to configure Cryptographic Security Platform Vault for Oracle TDE.

Create Cryptographic Security Platform Vault Key Set for Oracle TDE

Note: If you have an HSM configured with Cryptographic Security Platform Vault, you can create a keyset with HSM support enabled.

1. Log into the Cryptographic Security Platform Vault for Databases webGUI using an account with Cloud Admin privileges.

2. In the top menu bar, click Cloud Keys.

3. From the Key Sets tab, select Actions > Create Key Set.

4. On the Details tab of the Create Key Set dialog box, ensure that you select Oracle Database Server for the Database type.

For more information, see Creating a Key Set for TDE.

Enable TDE on Oracle Server

Before creating the Cryptographic Security Platform Vault Database Connector, you must enable TDE on the Oracle Server VM.

To enable TDE, run the following command on the Oracle Server VM: hcl tde enable -y

Configure Cryptographic Security Platform Vault Database Connector

To create the Cryptographic Security Platform Vault Database Connector.

1. Create a Database Connector for this KeySet and the Oracle Server VM.

   This is the VM registered during installation.

   Navigate to the KeySet and select the Database Connectors tab. Select Create Connector Now.

2. Enter the VM Name and Connector Name.

3. Check the database connector is created correctly.