RMAN Point-In-Time Recovery (PITR) Fails With ORA-28365, Yet Full Recovery Succeeds
Last updated on JANUARY 20, 2018
Applies to:Oracle Database - Enterprise Edition - Version 22.214.171.124 to 126.96.36.199 [Release 12.1]
Advanced Networking Option - Version 188.8.131.52 to 184.108.40.206 [Release 12.1]
Information in this document applies to any platform.
Oracle Database 12.1, using Transparent Date Encryption (TDE):
Point-in-time recovery (PITR) performed with RMAN (for example, using SET UNTIL SCN) fails with:
ORA-19913: unable to decrypt backup
ORA-28365: wallet is not open
This happens even after the "usual suspects" have been ruled out:
- The auto-login wallet (cwallet.sso) is present, and is proven to be correct & uncorrupted, as it successfully opens the encryption wallet (ewallet.p12) using orapki.
- All pertinent environment variables, related to sqlnet.ora and ENCRYPTION_WALLET_LOCATION (or its default value), such as $TNS_ADMIN, $ORACLE_UNQNAME, $ORACLE_BASE and/or $ORACLE_SID, have been verified and set correctly in the OS session (if RAC, also in srvctl).
- Permissions are OK on the wallet directory and wallet files.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms