Importing keys when plugging PDB into CDB fails with "ORA-46654: cannot add the imported keys to the keystore" (Doc ID 2439489.1)

Last updated on APRIL 17, 2023

Applies to:

Oracle Database - Enterprise Edition - Version 12.1.0.2 and later
Information in this document applies to any platform.

Symptoms

Oracle Database 12.1.0.2 and higher, Multitenant with TDE:

A PDB or non-CDB database has been plugged in to a CDB.

As expected, the new PDB opens with violations because the TDE keys need to be imported.

However, importing the keys using ADMINISTER KEY MANAGEMENT and the "WITH IDENTIFIER" clause fails with an error.

As an example, export key (from the NON-CDB), using:

Changes

Plugging a non-CDB into a CDB using an export key created with the "WITH IDENTIFIER IN" clause.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Importing keys when plugging PDB into CDB fails with "ORA-46654: cannot add the imported keys to the keystore" (Doc ID 2439489.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!