Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Release Notes

search

Release Notes

Product Description

CAKM for Oracle TDE provides key management and data encryption capabilities, in conjunction with the CipherTrust Manager, to Oracle Transparent Data Encryption (TDE).

Release Description

This release includes new features and enhancements.

Features and Enhancements

  • Support of Oracle 19c Exadata Cloud@Customer (ExaCC)

  • Support of PDB in Isolated Mode

  • Enhanced support of keys in v$Encryption view to 20000

Advisory Notes

  • Multiple CipherTrust Manager users with Key_user privileges in the same domain can view the v$Encryption by adding them to a group. This group is then added to DATA_OBJECT_SUPPORTED_IDEN object with Read, Use, and Export permission only.

Supported Product Versions

Supported Platforms

  • Windows Server 2022 and 2019, 64 bit (validated with Windows Server 2022)

  • RHEL 9.x, 64-bit

  • RHEL 8.x, 64-bit (validated with RHEL 8.7)

  • RHEL 7.x, 64-bit (validated with RHEL 7.9)

  • Oracle Linux 8.x, 64-bit (validated with OEL 8.6)

  • Oracle Linux 8.x, 64-bit (validated Dataguard on OEL 8.x)

  • Oracle Linux 8.x, 64-bit (validated Oracle 19c ExaCC on OEL 8.9)

  • Oracle Linux 7.x, 64-bit (validated with OEL 7.9)

Supported Oracle Database

  • Oracle Database 19c (validated with 19.16.0.0.0)

Supported CipherTrust Manager

  • CipherTrust Manager 2.5.2 and higher

    Note

    • Support for LDAP Users with CipherTrust Manager version 2.8 and above.

    • Support for V$Encryption Key with CipherTrust Manager version 2.10 and above.

    • Migration from VKM to CAKM for Oracle TDE is supported from CipherTrust Manager 2.5.2 and higher.

Upgrade Paths

CAKM for Oracle TDE can be upgraded from:

  • SafeNet PKCS#11 library to CAKM for Oracle TDE

    FromTo
    SafeNet PKCS#11 libraryCAKM for Oracle TDE 8.10.0 or higher

    Note

    Upgrade is validated from SafeNet PKCS#11 Library 8.3.0 and higher.

  • VKM to CAKM for Oracle TDE

    FromTo
    VKM 6.3.0 or higherCAKM for Oracle TDE provider 8.10.0 or higher
    DSM 6.4.4 or higherCipherTrust Manager 2.5.2 and higher

Limitations

  • v$encryption is only supported if the CipherTrust Manager is reachable.

  • v$encryption view will only show recently created/updated 20,000 keys:

    • if the number of master keys is greater than 20,000 per domain on the CipherTrust Manager version 2.12 and above.

    • if the number of master keys is greater than 20,000 across the CipherTrust Manager versions 2.10 and 2.11.1. For more information, refer to KY-59220 under Resolved issue of CipherTrust Manager Release Notes.

On this page