Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Release Notes

search
printsuggest an editpdf paneldownload

Release Notes

copy link to clipboardProduct Description

CAKM for Oracle TDE provides key management and data encryption capabilities, in conjunction with the CipherTrust Manager, to Oracle Transparent Data Encryption (TDE).

copy link to clipboardRelease Description

This release includes new features and enhancements.

copy link to clipboardFeatures and Enhancements

  • OpenSSL Upgrade: The OpenSSL version used by CAKM for Oracle TDE is upgraded to 3.0.15

  • Ease of configuration by copying parameters from previous configuration file) during upgrade

  • Installation parameters can be passed while performing silent installation for both Linux and Windows

  • Tracking the Opaque Object associated with the AES Key

  • Enhanced support of keys in v$encryption view to 0.5 million (CM 2.13 onwards)

  • Added process name in the CAKM Log file

  • Provided support to configure Encrypted Credential in configuration file (cakm_for_oracle_tde_basic.conf) and command line argument used in silent installation for both Linux and Windows

copy link to clipboardAdvisory Notes

  • Multiple CipherTrust Manager users with Key_user privileges in the same domain can view the v$Encryption by adding them to a group. This group is then added to DATA_OBJECT_SUPPORTED_IDEN object with Read, Use, and Export permission only.

copy link to clipboardSupported Product Versions

copy link to clipboardSupported Platforms

  • Windows Server 2022 and 2019, 64 bit (validated with Windows Server 2022)

  • RHEL 9.x, 64-bit (validated with RHEL 9.5)

  • RHEL 8.x, 64-bit (validated with RHEL 8.7)

  • RHEL 8.x, 64-bit (validated Oracle 19c ExaCC on RHEL 8.10) on DataGuard platform

  • Oracle Linux 9.x, 64-bit (validated with Oracle Linux 9.4)

  • Oracle Linux 8.x, 64-bit (validated with Oracle Linux 8.7)

copy link to clipboardSupported Oracle Database

  • Oracle Database 19c (validated with 19.25.0.0.0)

copy link to clipboardSupported CipherTrust Manager

  • CipherTrust Manager 2.5.2 and higher

    Note

    • Support for LDAP Users with CipherTrust Manager version 2.8 and above.

    • Support for v$encryption_keys with CipherTrust Manager version 2.10 and above.

    • Migration from VKM to CAKM for Oracle TDE is supported from CipherTrust Manager 2.5.2 and higher.

copy link to clipboardKnown Issues

This section lists the issues known to exist in the product at the time of release. The following table defines the severity of the issues listed in this section.

SeverityClassificationDefinition
CCriticalNo reasonable workaround exists.
HHighReasonable workaround exists.
MMediumMedium level priority problems.
LLowLowest level priority problems.

copy link to clipboardKnown Issues

IssueSeveritySynopsis
CADP-24068MProblem: CAKM for Oracle TDE does not attempt to reconnect to CipherTrust Manager when encountering a read timeout error during authentication.
Workaround: You can use a persistent cache to minimize the number of requests that CAKM for Oracle TDE sends to CipherTrust Manager.

copy link to clipboardUpgrade Paths

CAKM for Oracle TDE can be upgraded from:

  • SafeNet PKCS#11 library to CAKM for Oracle TDE

    FromTo
    SafeNet PKCS#11 libraryCAKM for Oracle TDE 8.10.0 or higher

    Note

    Upgrade is validated from SafeNet PKCS#11 Library 8.3.0 and higher.

  • VKM to CAKM for Oracle TDE

    FromTo
    VKM 6.3.0 or higherCAKM for Oracle TDE provider 8.10.0 or higher
    DSM 6.4.4 or higherCipherTrust Manager 2.5.2 and higher

copy link to clipboardLimitations

  • v$encryption is only supported if the CipherTrust Manager is reachable.

On this page