Deleting and Recreating the Wallet in 11.2 Results in ORA-28374

(Doc ID 988022.1)

Last updated on MARCH 05, 2017

Applies to:

Advanced Networking Option - Version 11.2.0.1 to 11.2.0.1 [Release 11.2]
Information in this document applies to any platform.
Checked for relevance on 08-MAR-2013

Symptoms

In 11.2.0.1, if performing the following sequence of commands, on a database where TDE has never been actually used results in a ORA-28374 error:

#1. create a new master encryption key, using

alter system set encryption key identified by "wallet password";


#2. delete the generated wallet, without creating any encrypted object beforehand.
#3. try to create a new master encryption key using again:

alter system set encryption key identified by "wallet password";


From here on, any attempt to do something related to TDE, eg, create an encrypted tablespace or rekey the master key, fails with the same error. In a RAC environment, the situation is even worse, because the wallets on the 2 or more nodes cannot be opened on all nodes simultanously, hence the system becomes unusable from TDE perspective.

Changes

The wallet file ewallet.p12 was inadvertently deleted.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms