You can register a target database in Oracle Data Safe from the Targets tab in the Oracle Data Safe Console. During registration, you can configure a TCP or TLS connection. For a TLS connection, you need to upload a wallet or a certificate.
- Sign in to the Oracle Data Safe Console.
- Click the Targets tab.
- Click Register. The Register Target dialog box is displayed.
- Enter a name for your target database. This name can be any name you want, and all characters are accepted. The maximum number of characters is 512.This name appears in all of the Oracle Data Safe reports that pertain to your target database.
- (Optional) Enter a description for your target database.
- Leave Oracle Database selected as the target type. Currently, Oracle Database is the only option.
- Select the resource group to which you want the target database to belong. Or, enter the name of a new resource group.
The Default Resource Group is selected by default.
The target database is added to the specified resource group.
You can add a target database to only one resource group and you cannot change the resource group after the target database is registered.
- In the OCID field, enter the Oracle Cloud Identifier (OCID) for your target database; for example,
ocid1.dbsystem.oc1.iad.abc.The OCID is used to validate whether you have the
manageprivilege on the target database in Oracle Cloud Infrastructure Identity and Access Management (IAM).The OCID for the target database is available in the database's console in Oracle Cloud Infrastructure.
- For connection type, select TCP or TLS.
The default selection is TCP.
- Enter the Hostname/IP Address, Port Number, and Database Service Name for the target database. Enter the long version of the database service name, for example,
abc_prod.subnetad3.tttvcn.companyvcn.com.For a DB system: Oracle Data Safe supports only a public IP address as a target database network address. The public IP address should match the public IP address of the database system in Oracle Cloud Infrastructure Console.For an Autonomous Database: Oracle Data Safe supports only the public Domain Name System (DNS) of the Autonomous Database as a target database network address. The public DNS is available in the connect string of the Autonomous Database in Oracle Cloud Infrastructure Console. The target database's service name and port number should also match one of the connect strings available in Oracle Cloud Infrastructure Console.
- If you are configuring a TLS connection, do the following:
- Enter the Target Distinguished Name. This name is the distinguished name used while creating the certificate on target database.An example name is
CN=abcd.uscom-east-1.example.com,OU=Oracle BMCS US,O=Oracle Corporation,L=Redwood City,ST=California,C=US.
- Select a wallet or certificate type and complete the steps in the following table.
Wallet or Certificate Type
SSL_CLIENT_AUTHENTICATION(parameter value on target database)
Steps JKS Wallet TRUE
- Click the first Choose File button, and select a truststore.jks file.
- Click the second Choose File button, and select a keystore.jks file.
- Enter the wallet password.
JKS Wallet FALSE
- Click Choose File, select a trustore.jks file.
- Enter the wallet password.
DER Certificate FALSE Click Choose File and select a CRT or DER file. PEM Certificate FALSE Click Choose File and select a PEM or DER file. NONE FALSE You do not need to upload any files.
- Enter the Target Distinguished Name.
- Enter the database user name and password that you created on the target database specifically for Oracle Data Safe.If you created the user on the target database without quotation marks, you must enter the user name in uppercase here. For example, if the user name on the target database is called
test, then you must enter
TEST.You cannot specify database roles, such as
SYSKM, and you cannot specify
SYSas the user.
- (Optional) To verify that Oracle Data Safe can successfully connect to the target database, click Test Connection.
- Click Register Target. You can add a target database even if the connection test fails or if the target database does not exist.