本文介绍了使用RMAN进行数据库加密备份的过程,并演示了如何解决因钱包未打开导致的备份失败问题,最后完成了数据的备份与恢复。
如下这篇文章,主要是做一个简单的rman加密的演示
启用db的加密
RMAN> CONFIGURE ENCRYPTION FOR DATABASE on
2> ;
new RMAN configuration parameters:
CONFIGURE ENCRYPTION FOR DATABASE ON;
new RMAN configuration parameters are successfully stored查看数据库默认的加密算法
SQL> select * from v$rman_encryption_algorithms;
ALGORITHM_ID ALGORITHM_NAME ALGORITHM_DESCR IS_DEFAUL RESTORE_O
------------ --------------- --------------- --------- ---------
1 AES128 AES 128-bit key YES NO
2 AES192 AES 192-bit key NO NO
3 AES256 AES 256-bit key NO NO
RMAN> show encryption algorithm;
RMAN configuration parameters for database with db_unique_name ORCL are:
CONFIGURE ENCRYPTION ALGORITHM 'AES128'; # default设定密码
RMAN> set encryption on identified by "Oracle123" only;
executing command: SET encryption尝试去备份
RMAN> set decryption identified by "Oracle123";
executing command: SET decryption
RMAN> backup database;
Starting backup at 11-AUG-17
using channel ORA_DISK_1
using channel ORA_DISK_2
using channel ORA_DISK_3
using channel ORA_DISK_4
using channel ORA_DISK_5
using channel ORA_DISK_6
channel ORA_DISK_1: starting full datafile backup set
channel ORA_DISK_1: specifying datafile(s) in backup set
××× ××××
continuing other job steps, job failed will not be re-run
RMAN-03009: failure of backup command on ORA_DISK_3 channel at 08/11/2017 12:05:50
ORA-19914: unable to encrypt backup
ORA-28365: wallet is not open
continuing other job steps, job failed will not be re-run
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03009: failure of backup command on ORA_DISK_4 channel at 08/11/2017 12:05:50
ORA-19914: unable to encrypt backup
ORA-28365: wallet is not open
RMAN> ORA-28365: wallet is not open
该错误的解释:
[oracle@hdp backupset]$ oerr ora 28365
28365, 0000, "wallet is not open"
// *Cause: The security module wallet has not been opened.
// *Action: Open the wallet.去相应目录创建wallet文件夹就可以了
– 创建钱夹
[oracle@hdp orcl]$ mkdir wallet
[oracle@hdp orcl]$ pwd
/u01/app/oracle/admin/orcl
[oracle@hdp orcl]$ ls
adump dpdump pfile wallet
[oracle@hdp orcl]$ sqlplus / as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Fri Aug 11 12:12:35 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "Oracle123"
2 ;
System altered.
SQL>
ALTER SYSTEM SET DECRYPTION KEY IDENTIFIED BY "Oracle123"再次去备份的时候发现可以正常备份了。
然后我们再试着去恢复
RMAN> set decryption identified by "Oracle123";
RMAN> restore database;
Starting restore at 11-AUG-17
using target database control file instead of recovery catalog
allocated channel: ORA_DISK_1
channel ORA_DISK_1: SID=63 device type=DISK
allocated channel: ORA_DISK_2
channel ORA_DISK_2: SID=129 device type=DISK
××× ××××
channel ORA_DISK_3: restoring datafile 00001 to /u01/app/oracle/oradata/orcl/system01.dbf
channel ORA_DISK_3: reading from backup piece /u02/backup/ORCL/backupset/2017_08_11/o1_mf_nnndf_TAG20170811T121333_drtcqfq0_.bkp
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03002: failure of restore command at 08/11/2017 12:19:20
ORA-19870: error while restoring backup piece /u02/backup/ORCL/backupset/2017_08_11/o1_mf_nnndf_TAG20170811T121333_drtcqfsk_.bkp
ORA-19913: unable to decrypt backup
ORA-28365: wallet is not open
RMAN> 原来是wallet没有打开
1* SELECT * FROM V$ENCRYPTION_WALLET
SQL> /
WRL_TYPE WRL_PARAMETER STATUS
------------------------------------------------------------ --------------- ------------------------------------------------------
file /u01/app/oracle **CLOSED**
/admin/orcl/wal
let
SQL> alter system set wallet open identified by "Oracle123"
2 /
System altered.
SQL> SELECT * FROM V$ENCRYPTION_WALLET;
WRL_TYPE WRL_PARAMETER STATUS
------------------------------------------------------------ --------------- ------------------------------------------------------
file /u01/app/oracle OPEN
/admin/orcl/wal
let
SQL> 打开钱包后的操作,我们才可以继续我们的操作
[oracle@hdp ~]$ rman target/
Recovery Manager: Release 11.2.0.4.0 - Production on Fri Aug 11 12:36:52 2017
Copyright (c) 1982, 2011, Oracle and/or its affiliates. All rights reserved.
connected to target database: ORCL (DBID=1477533441, not open)
RMAN> restore database;
Starting restore at 11-AUG-17
using target database control file instead of recovery catalog
allocated channel: ORA_DISK_1
channel ORA_DISK_1: SID=129 device type=DISK
allocated channel: ORA_DISK_2
channel ORA_DISK_2: SID=194 device type=DISK
allocated channel: ORA_DISK_3
channel ORA_DISK_3: SID=5 device type=DISK
****** [ignore something] ******
channel ORA_DISK_3: piece handle=/u02/backup/ORCL/backupset/2017_08_11/o1_mf_nnndf_TAG20170811T121333_drtcqfq0_.bkp tag=TAG20170811T121333
channel ORA_DISK_3: restored backup piece 1
channel ORA_DISK_3: restore complete, elapsed time: 00:00:15
Finished restore at 11-AUG-17
RMAN> recover database;
Starting recover at 11-AUG-17
using channel ORA_DISK_1
using channel ORA_DISK_2
using channel ORA_DISK_3
using channel ORA_DISK_4
using channel ORA_DISK_5
using channel ORA_DISK_6
datafile 4 not processed because file is offline
starting media recovery
media recovery complete, elapsed time: 00:00:00
Finished recover at 11-AUG-17
RMAN> sql 'alter database open'
2> ;
sql statement: alter database open
RMAN> 
扫一扫
514
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
