Use the ADD MASTERKEY command to add a master key to a master-key wallet. The master key is used by Extract and Replicat to encrypt the encryption keys that secure data being sent across the network and in the trail files, so that those keys can be sent to, and used, by downstream processes. The master key omits the need to use wallet storage for the keys that actually encrypt the data.

The master-key wallet must be open to add a key. Use the GGSCI CREATE WALLET or the OPEN WALLET command to open a wallet. The wallet remains open throughout the same session in which the command was issued.

The master key is generated as a random sequence of bits. The length is 256 bits by default. The key name is OGG_DEFAULT_MASTERKEY.

After adding a master key to a wallet that is not maintained centrally on shared storage, the updated wallet must be copied to all of the other systems in the Oracle GoldenGate configuration that use this wallet. Before doing so, Extract must be stopped and then all of the downstream Oracle GoldenGate processes must be allowed to finish processing their trails and then be stopped. After the wallet is copied into place, the processes can be started again. For detailed instructions, see Encrypting Data with the Master Key and Wallet Method.

Syntax

ADD MASTERKEY

Example

ADD MASTERKEY 
2019-11-21T19:37:23Z  ERROR   OGG-06137  Master key 'OGG_DEFAULT_MASTERKEY' does not exist in Oracle Wallet.
2019-11-21T19:37:23Z  INFO    OGG-06142  Created version 1 of master key 'OGG_DEFAULT_MASTERKEY' in Oracle Wallet.