Merged
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ This lab builds on concepts and operations from lab 9. Complete lab 9 first befo
````
<copy>
sqlplus / as sysdba
ADMINISTER KEY MANAGEMENT SET KEY FORCE KEYSTORE IDENTIFIED BY EXTERNAL STORE;
ADMINISTER KEY MANAGEMENT SET KEY FORCE KEYSTORE IDENTIFIED BY EXTERNAL STORE CONTAINER = ALL;
exit;
</copy>
````
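
Review bot: The statement that now ends in `CONTAINER = ALL` rotates the master key in every container instead of only the current one, but nothing visible around the code block tells the reader that. Add a sentence above the block saying the re-key applies to CDB$ROOT and the PDBs, and check that the verification step later in this lab shows the new key for each container.
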
Expand All @@ -67,4 +67,9 @@ This lab builds on concepts and operations from lab 9. Complete lab 9 first befo
</copy>
```

![Key Vault](./images/Screenshot_2025-10-07_23.39.39.png "Verify that the tablespace was re-keyed")
![Key Vault](./images/Screenshot_2025-10-07_23.39.39.png "Verify that the tablespace was re-keyed")

## Acknowledgements
- **Author** - Shubham Goyal
- **Contributors** - Daniel Wu, Peter Wahl, Rahil Mir
- **Last Updated By/Date** - Shubham Goyal - March 2026
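
Review bot: The Contributors entry in this Acknowledgements block lists Daniel Wu, Peter Wahl, Rahil Mir, while the blocks added to the other labs in this change list only Peter Wahl, Rahil Mir. Confirm the difference is intended; if it is not, align the lists.
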
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ This lab builds on concepts and operations from lab 10. Complete lab 10 first be

## Task 1: Generate a key external to Oracle Key Vault

1. Write your key to a file
1. Write your key to a file

In this example, we use openssl to generate TDE Master Encryption Key. You can use other means to generate this key.

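Review bot: Step 1 of Task 1 has the reader write the TDE master encryption key to a file, and the visible step text says nothing about protecting that file. While touching this step, consider adding a line that tells the reader to restrict the file's permissions and to remove it once Task 2 has uploaded the key, and change "to generate TDE Master Encryption Key" to "to generate the TDE master encryption key".
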
Expand All @@ -27,7 +27,7 @@ This lab builds on concepts and operations from lab 10. Complete lab 10 first be

## Task 2: Upload the key to Oracle Key Vault

1. Log in to Key Vault as user **KVRESTADMIN**
1. Log in to Key Vault as user **KVRESTADMIN**

Get the password of KVRESTADMIN by executing this command

Expand Down Expand Up @@ -94,4 +94,9 @@ This lab builds on concepts and operations from lab 10. Complete lab 10 first be
</copy>
```

![Key Vault](./images/Screenshot_2025-10-08_12.12.47.png "Verify that the tablespace was re-keyed")
![Key Vault](./images/Screenshot_2025-10-08_12.12.47.png "Verify that the tablespace was re-keyed")

## Acknowledgements
- **Author** - Shubham Goyal
- **Contributors** - Peter Wahl, Rahil Mir
- **Last Updated By/Date** - Shubham Goyal - March 2026
Original file line number Diff line number Diff line change
Expand Up @@ -290,3 +290,8 @@ A Key Vault cluster provides continuous availability of your keys to ensure unin
This section highlights how many read-write pairs are part of the cluster as well as the cluster service status. For now, there is just one node that we setup.

![Key Vault](./images/image-2025-09-11-19.02.06.png "On the Home page, the System Overview section at the bottom is updated, identifying the deployment mode as Cluster")

## Acknowledgements
- **Author** - Shubham Goyal
- **Contributors** - Peter Wahl, Rahil Mir
- **Last Updated By/Date** - Shubham Goyal - March 2026
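
Review bot: In the context paragraph above the screenshot, "just one node that we setup" uses the noun form; the verb is "set up". Worth fixing while this file is being edited.
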
Original file line number Diff line number Diff line change
Expand Up @@ -27,25 +27,30 @@ cd $DBSEC_LABS/okv
The script will display the output:

1. The system parameters controlling the behavior of TDE in your database:
- The default algorithm is AES256
- Newly created tablespaces will be encrypted by default
- The database uses a file-based wallet
- Root directory of the database wallet, &lt;WALLET\_ROOT&gt;. TDE wallets are located at &lt;WALLET\_ROOT&gt;/tde.
- The default algorithm is AES256
- Newly created tablespaces will be encrypted by default
- The database uses a file-based wallet
- Root directory of the database wallet, &lt;WALLET\_ROOT&gt;. TDE wallets are located at &lt;WALLET\_ROOT&gt;/tde.

![Key Vault](./images/OKV-LL4-001a.png "You see the system parameters that are controlling the behavior of TDE in your database.")
![Key Vault](./images/OKV-LL4-001a.png "You see the system parameters that are controlling the behavior of TDE in your database.")

2. The file-based wallet is open, and the database can use the master keys from the wallet for TDE operations. The PDB does not show a wallet location because the database is using united mode PDBs, and the PDBs inherit their location from CDB$ROOT.

![Key Vault](./images/OKV-LL4-001b.png "The file based wallet is open for use. Since the database is using united mode PDBs, they inherit their location from CDB$ROOT.")
![Key Vault](./images/OKV-LL4-001b.png "The file based wallet is open for use. Since the database is using united mode PDBs, they inherit their location from CDB$ROOT.")

3. The identifier and creation time of the TDE master encryption key used by the CDB and PDB

![Key Vault](./images/OKV-LL4-001c.png "The identifier of the TDE master encryption key in use by the CDB and the PDB as well as their creation time")
![Key Vault](./images/OKV-LL4-001c.png "The identifier of the TDE master encryption key in use by the CDB and the PDB as well as their creation time")

4. A list of encrypted tablespaces

![Key Vault](./images/OKV-LL4-001d.png "A list of encrypted tablespaces")
![Key Vault](./images/OKV-LL4-001d.png "A list of encrypted tablespaces")

5. A list of encrypted RMAN backups

![Key Vault](./images/OKV-LL4-001e.png "A list of encrypted RMAN backups")
![Key Vault](./images/OKV-LL4-001e.png "A list of encrypted RMAN backups")

## Acknowledgements
- **Author** - Shubham Goyal
- **Contributors** - Peter Wahl, Rahil Mir
- **Last Updated By/Date** - Shubham Goyal - March 2026
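
Review bot: The re-indented bullet under step 1 writes the placeholder as `&lt;WALLET\_ROOT&gt;` with escaped underscores, while other files in this change write `&lt;WALLET_ROOT&gt;` unescaped. Pick one form and use it in every lab so the placeholder renders the same way throughout the workshop.
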
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

## Task 1: Enroll the incoming Oracle database into Oracle Key Vault

1. Refresh the browser window on the right side of the remote desktop and log in to Key Vault as user **KVEPADMIN**
1. Refresh the browser window on the right side of the remote desktop and log in to Key Vault as user **KVEPADMIN**

For the password, execute the following command

Expand All @@ -31,7 +31,7 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

![Key Vault](./images/image-2025-7-24_15-59-1.png "Click the Endpoints tab, then click Add to create a new endpoint")

3. Provide the endpoint details and click **Register** to create the new endpoint
3. Provide the endpoint details and click **Register** to create the new endpoint

We recommend using LIVELABS\_DB\_EP for the **Endpoint Name**
```plaintext
Expand All @@ -49,11 +49,11 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo
![Key Vault](./images/image-2025-7-24_12-17-29.png "Fill in the details of your endpoint: Endpoint Name is LIVELABS_DB_EP; Type is Oracle Database; OS Type is Linux; Description is 'This is the endpoint for LiveLabs database (cdb1).'; Click 'Register'")


4. Click the newly created endpoint **LIVELABS\_DB\_EP** to see its details
4. Click the newly created endpoint **LIVELABS\_DB\_EP** to see its details

![Key Vault](./images/Screenshot_2025-10-03_14.02.30.png "Click the newly created endpoint LIVELABS_DB_EP to see its details")

5. Add **LIVELABS\_DB\_WALLET** as the **Default Wallet** on the endpoint details page and click **Save**
5. Add **LIVELABS\_DB\_WALLET** as the **Default Wallet** on the endpoint details page and click **Save**

By setting up a *default wallet*, all new keys of the database will be a part of this wallet.

Expand All @@ -65,11 +65,11 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

![Key Vault](./images/image-2025-7-24_16-12-59.png "Add the default wallet on the endpoint details page and click Save")

6. Verify that the permissions of the default wallet (LIVELABS\_DB\_WALLET) are set to 'Read, Write, Manage Wallet' by checking the **Access to Wallets** section of this page
6. Verify that the permissions of the default wallet (LIVELABS\_DB\_WALLET) are set to 'Read, Write, Manage Wallet' by checking the **Access to Wallets** section of this page

![Key Vault](./images/Screenshot_2025-10-03_13.56.15.png "Check the permissions of the default wallet")

7. Click on the **Endpoints** tab and copy the **Enrollment Token** for **LIVELABS\_DB\_EP**
7. Click on the **Endpoints** tab and copy the **Enrollment Token** for **LIVELABS\_DB\_EP**

![Key Vault](./images/Screenshot_2025-10-03_14.03.59.png "Click on the Endpoints tab and copy the Enrollment Token")

Expand All @@ -79,29 +79,29 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

## Task 2: Download the Oracle Key Vault client software for this database

1. On the database host, go to the Key Vault login page, and click on **Endpoint Enrollment and Software Download**
1. On the database host, go to the Key Vault login page, and click on **Endpoint Enrollment and Software Download**

![Key Vault](./images/image-2025-7-24_12-31-21.png "On the database host, go to the Key Vault login page, click on Endpoint Enrollment and Software Download")

2. Paste the Enrollment Token copied in step 7 of Task 1 and click **Submit Token**. You will see the endpoint details automatically populated.
2. Paste the Enrollment Token copied in step 7 of Task 1 and click **Submit Token**. You will see the endpoint details automatically populated.

![Key Vault](./images/Screenshot_2025-10-03_14.11.39.png "Paste the Enrollment Token copied in step 7 of task 1 and click Submit Token. You will see the endpoint details automatically populated.")

3. Click **Enroll** to download the "okvclient.jar" file. The file is downloaded to your database host.
3. Click **Enroll** to download the "okvclient.jar" file. The file is downloaded to your database host.

![Key Vault](./images/Screenshot_2025-10-03_14.13.54.png "Click enroll to download the okvclient.jar file. The file is downloaded to your database host.")

## Task 3: Deploy the Oracle Key Vault client software on the database host

1. Set up the Key Vault endpoint home. This is the root directory for the endpoint software. Setting **OKV_HOME** allows Key Vault utilities and libraries to locate the endpoint software and configuration files.
1. Set up the Key Vault endpoint home. This is the root directory for the endpoint software. Setting **OKV_HOME** allows Key Vault utilities and libraries to locate the endpoint software and configuration files.

```
<copy>
export OKV_HOME=/etc/ORACLE/WALLETS/cdb1/okv
</copy>
```

2. Install the Key Vault software. This prompts for the endpoint connection password. We will call this the "Key Vault endpoint password".
2. Install the Key Vault software. This prompts for the endpoint connection password. We will call this the "Key Vault endpoint password".

This is a one time step, and the installation software (okvclient.jar) is automatically deleted after a successful installation.

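Review bot: In step 2 of Task 3, "This is a one time step" should read "one-time step". The same step would also be clearer if it said the password chosen here is needed again, since Task 5 step 1 tells the reader to reuse the password from step 2 of Task 3.
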
Expand All @@ -115,7 +115,7 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

![Key Vault](./images/image-2025-09-27_install.png "Install Key Vault software. This prompts for the endpoint connection password.")

3. Review the layout of the Key Vault endpoint home
3. Review the layout of the Key Vault endpoint home

```
<copy>
Expand All @@ -125,7 +125,7 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

![Key Vault](./images/image-2025-7-24_16-33-45.png "Review the layout of the Key Vault endpoint home")

4. Deploy the Key Vault library (liborapkcs.so) used by the database to communicate with Key Vault
4. Deploy the Key Vault library (liborapkcs.so) used by the database to communicate with Key Vault

```
<copy>
Expand All @@ -137,7 +137,7 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

## Task 4: Preparing the database for Oracle Key Vault migration

1. Update the TDE configuration of the database to OKV|FILE
1. Update the TDE configuration of the database to OKV|FILE

```
<copy>
Expand All @@ -151,7 +151,7 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

## Task 5: Migrate the database to Oracle Key Vault for centralized key management

1. Migrate the database to use Key Vault
1. Migrate the database to use Key Vault

Use the same password for the Key Vault endpoint as used in step 2 of Task 3

Expand All @@ -178,7 +178,7 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

![Key Vault](./images/Screenshot_2025-10-03_15.11.26.png "Add the Key Vault password to the TDE wallet")

2. Migration is always a re-key (key rotation) operation. A new key is generated in Key Vault, and the data encryption keys are re-wrapped with this new key in Key Vault. For a multi-tenant database with CDB$ROOT and one PDB, two keys are created: one for CDB$ROOT and one for PDB1.
2. Migration is always a re-key (key rotation) operation. A new key is generated in Key Vault, and the data encryption keys are re-wrapped with this new key in Key Vault. For a multi-tenant database with CDB$ROOT and one PDB, two keys are created: one for CDB$ROOT and one for PDB1.

Enter the Key Vault endpoint password when prompted.

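Review bot: Step 2 of Task 5 opens with an explanation ("Migration is always a re-key (key rotation) operation.") instead of an action, unlike steps 1 and 3, which start with a verb. Lead with what the reader should do and move the explanation into the paragraph beneath it, next to "Enter the Key Vault endpoint password when prompted."
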
Expand All @@ -190,7 +190,7 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo

![Key Vault](./images/Screenshot_2025-10-03_15.13.44.png "Migration is always a re-key operation. There are two new keys created in Key Vault: one for the CDB\$ROOT and one for PDB1")

3. Verify the database configuration post-migration to Key Vault
3. Verify the database configuration post-migration to Key Vault

```
<copy>
Expand All @@ -202,4 +202,9 @@ This lab builds on concepts and operations from lab 4. Complete lab 4 first befo
- In the TDE configuration parameters, the KEYSTORE_CONFIGURATION now says OKV|FILE
- In the wallet status, you'll see the wallet of type OKV is open

![Key Vault](./images/image-2025-7-24_17-8-50.png "Review the database setup after migrating to Key Vault")
![Key Vault](./images/image-2025-7-24_17-8-50.png "Review the database setup after migrating to Key Vault")

## Acknowledgements
- **Author** - Shubham Goyal
- **Contributors** - Peter Wahl, Rahil Mir
- **Last Updated By/Date** - Shubham Goyal - March 2026
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ This lab builds on concepts and operations from lab 5. Complete lab 5 first befo
</copy>
````

![Key Vault](./images/image-2025-09-27_upload.png "Upload the pre-migration key from the local TDE wallet into the OKV wallet that you created in Lab 5:")
![Key Vault](./images/image-2025-09-27_upload.png "Upload the pre-migration key from the local TDE wallet into the OKV wallet that you created in Lab 5:")

2. Set the TDE_CONFIGURATION of the database to "OKV"

Expand All @@ -37,7 +37,7 @@ This lab builds on concepts and operations from lab 5. Complete lab 5 first befo
</copy>
````

![Key Vault](./images/TDE_CONFIG_OKV.png "Set the TDE_CONFIGURATION to 'OKV'")
![Key Vault](./images/TDE_CONFIG_OKV.png "Set the TDE_CONFIGURATION to 'OKV'")

3. To ensure security, delete the local TDE wallet from &lt;WALLET_ROOT&gt;/tde

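Review bot: Step 3 tells the reader to delete the local TDE wallet "to ensure security" without saying why that is safe. State in the step that the deletion relies on step 1 having uploaded the pre-migration key into the OKV wallet, and tell the reader to confirm that upload succeeded before running the delete.
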
Expand All @@ -48,4 +48,9 @@ This lab builds on concepts and operations from lab 5. Complete lab 5 first befo
</copy>
````

![Key Vault](./images/image-2025-09-05-delete-wallet-after-upload.png "To ensure security, delete the local TDE wallet from <WALLET_ROOT>/tde:")
![Key Vault](./images/image-2025-09-05-delete-wallet-after-upload.png "To ensure security, delete the local TDE wallet from <WALLET_ROOT>/tde:")

## Acknowledgements
- **Author** - Shubham Goyal
- **Contributors** - Peter Wahl, Rahil Mir
- **Last Updated By/Date** - Shubham Goyal - March 2026
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ This lab builds on concepts and operations from lab 6. Complete lab 6 first befo
</copy>
````

![Key Vault](./images/image-2025-09-25_11-48-23.png "Create a new local auto-login wallet in <WALLET_ROOT>/tde and add the Key Vault endpoint password")
![Key Vault](./images/image-2025-09-25_11-48-23.png "Create a new local auto-login wallet in <WALLET_ROOT>/tde and add the Key Vault endpoint password")

2. Update the Transparent Data Encryption (TDE) configuration of the database to 'OKV|FILE' so it can locate the new auto-login wallet in the specified &lt;WALLET_ROOT&gt;/tde directory.

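Review bot: Step 1 creates a local auto-login wallet in `<WALLET_ROOT>/tde` that holds the Key Vault endpoint password, in the same directory the previous lab had the reader clear "to ensure security". Add a sentence explaining what this wallet contains and why keeping the endpoint password locally is acceptable here, so the two labs do not read as contradicting each other.
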
Expand Down Expand Up @@ -66,4 +66,9 @@ This lab builds on concepts and operations from lab 6. Complete lab 6 first befo
</copy>
```

![Key Vault](./images/Screenshot_2025-10-07_23.08.12.png "Confirm that the auto-login wallet has been correctly configured and is operational")
![Key Vault](./images/Screenshot_2025-10-07_23.08.12.png "Confirm that the auto-login wallet has been correctly configured and is operational")

## Acknowledgements
- **Author** - Shubham Goyal
- **Contributors** - Peter Wahl, Rahil Mir
- **Last Updated By/Date** - Shubham Goyal - March 2026
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Ensure reliable data access during connectivity disruptions
# Ensure reliable data access during disruptions in connectivity between the database and Oracle Key Vault

## Introduction
Oracle Key Vault cluster deployment ensures continuous availability during server failures, but connectivity disruptions may still pose a problem. How do you handle network disruptions between your databases and the Key Vault cluster? Key Vault's secure persistent cache ensures your databases continue operating smoothly, even during connectivity issues.
Expand All @@ -23,7 +23,7 @@ This lab builds on concepts and operations from lab 5. Complete lab 5 first befo
</copy>
````

![Key Vault](./images/Screenshot_2025-10-03_15.56.40.png "List the IDs of the keys in the local secure persistent cache")
![Key Vault](./images/Screenshot_2025-10-03_15.56.40.png "List the IDs of the keys in the local secure persistent cache")

## Task 2: Simulate network outage

Expand Down Expand Up @@ -51,7 +51,7 @@ This lab builds on concepts and operations from lab 5. Complete lab 5 first befo

The retrieval of key IDs from Key Vault will fail because the network connection between the database and the Key Vault server is disconnected.

![Key Vault](./images/Screenshot_2025-10-03_15.59.33.png "Check if the server is unreachable")
![Key Vault](./images/Screenshot_2025-10-03_15.59.33.png "Check if the server is unreachable")

## Task 3: Confirm database resilience with persistent cache by creating a new encrypted tablespace

Expand All @@ -65,7 +65,7 @@ This lab builds on concepts and operations from lab 5. Complete lab 5 first befo
</copy>
````

![Key Vault](./images/Screenshot_2025-10-03_16.01.30.png "Create a new encrypted tablespace")
![Key Vault](./images/Screenshot_2025-10-03_16.01.30.png "Create a new encrypted tablespace")

2. Verify the new tablespace was created

Expand All @@ -77,7 +77,7 @@ This lab builds on concepts and operations from lab 5. Complete lab 5 first befo
</copy>
````

![Key Vault](./images/Screenshot_2025-10-03_16.03.05.png "Verify the new tablespace was created")
![Key Vault](./images/Screenshot_2025-10-03_16.03.05.png "Verify the new tablespace was created")

## Task 4: Re-establish connectivity between the database and Key Vault

Expand All @@ -99,4 +99,9 @@ This lab builds on concepts and operations from lab 5. Complete lab 5 first befo
</copy>
````

![Key Vault](./images/Screenshot_2025-11-10_16.37.08.png "Ensure the server is reachable")
![Key Vault](./images/Screenshot_2025-11-10_16.37.08.png "Ensure the server is reachable")

## Acknowledgements
- **Author** - Shubham Goyal
- **Contributors** - Peter Wahl, Rahil Mir
- **Last Updated By/Date** - Shubham Goyal - March 2026