Release Notes
Product Description
CAKM for Oracle TDE provides key management and data encryption capabilities, in conjunction with the CipherTrust Manager, to Oracle Transparent Data Encryption (TDE).
Release Description
This release includes new features and enhancements.
Features and Enhancements
OpenSSL Upgrade: The OpenSSL version used by CAKM for Oracle TDE is upgraded to 3.0.15
Ease of configuration by copying parameters from previous configuration file) during upgrade
Installation parameters can be passed while performing silent installation for both Linux and Windows
Tracking the Opaque Object associated with the AES Key
Enhanced support of keys in v$encryption view to 0.5 million (CM 2.13 onwards)
Added process name in the CAKM Log file
Provided support to configure Encrypted Credential in configuration file (
cakm_for_oracle_tde_basic.conf
) and command line argument used in silent installation for both Linux and Windows
Advisory Notes
- Multiple CipherTrust Manager users with
Key_user
privileges in the same domain can view the v$Encryption by adding them to a group. This group is then added to DATA_OBJECT_SUPPORTED_IDEN object withRead
,Use
, andExport
permission only.
Supported Product Versions
Supported Platforms
Windows Server 2022 and 2019, 64 bit (validated with Windows Server 2022)
RHEL 9.x, 64-bit (validated with RHEL 9.5)
RHEL 8.x, 64-bit (validated with RHEL 8.7)
RHEL 8.x, 64-bit (validated Oracle 19c ExaCC on RHEL 8.10) on DataGuard platform
Oracle Linux 9.x, 64-bit (validated with Oracle Linux 9.4)
Oracle Linux 8.x, 64-bit (validated with Oracle Linux 8.7)
Supported Oracle Database
- Oracle Database 19c (validated with 19.25.0.0.0)
Supported CipherTrust Manager
CipherTrust Manager 2.5.2 and higher
Note
Support for LDAP Users with CipherTrust Manager version 2.8 and above.
Support for v$encryption_keys with CipherTrust Manager version 2.10 and above.
Migration from VKM to CAKM for Oracle TDE is supported from CipherTrust Manager 2.5.2 and higher.
Known Issues
There are no Known issues to be listed in this section.
Upgrade Paths
CAKM for Oracle TDE can be upgraded from:
SafeNet PKCS#11 library to CAKM for Oracle TDE
From To SafeNet PKCS#11 library CAKM for Oracle TDE 8.10.0 or higher Note
Upgrade is validated from SafeNet PKCS#11 Library 8.3.0 and higher.
VKM to CAKM for Oracle TDE
From To VKM 6.3.0 or higher CAKM for Oracle TDE provider 8.10.0 or higher DSM 6.4.4 or higher CipherTrust Manager 2.5.2 and higher
Limitations
- v$encryption is only supported if the CipherTrust Manager is reachable.