This chapter describes the features, enhancements, and changes made to Oracle GoldenGate. Oracle updates the release notes periodically after the software release. This document is accurate at the time of publication.
- New Features
- Default Behavior Changes
- Deprecated and Desupported Features and Parameters
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. For more information about the team and community around the project, or to start making. This is a problem if more than one instance of openssl is trying to create a time stamp response at the same time. This is not an issue when using the apache server module, it does proper locking. Look for the FIXME word in the source files. The source code should really be reviewed by somebody else, too.
2.1 New Features
This section describes the critical security updates, new features, and enhancements made to Oracle GoldenGate.
- Critical Security Updates 19c (19.1.0) - September 2019
- Release 19c (19.1.0) - September 2019
- Release 19c (19.1.0) - May 2019 Initial Release
2.1.1 Critical Security Updates 19c (19.1.0) - September 2019
This release includes critical security fixes including the following CVEs. Oracle strongly recommends that you upgrade to this release of Oracle GoldenGate.
CVE-2018-11058: The update for CVE-2018-11058 also addresses the following:
- CVE-2016-0701
- CVE-2016-2183
- CVE-2016-6306
- CVE-2016-8610
- CVE-2018-11054
- CVE-2018-11055
- CVE-2018-11056
- CVE-2018-11057
- CVE-2018-15769
For more information, please refer to https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html.
2.1.2 Release 19c (19.1.0) - September 2019
- SQL Server 2017 for Capture and Delivery is Supported
- Capture and delivery is supported for SQL Server 2017.
The
TRANLOGOPTIONS ALWAYSONREADONLYROUTING
parameter allows Extract for SQL Server to route its read-only processing to an available read-intent Secondary when connected to an Always On availability group listener. The
FILEGROUP
option can be used with ADD TRANDATA
per table, or within the GLOBALS file to affect all tables added for TRANDATA
, and creates the CDC staging tables on the listed filegroup rather than the database's default filegroup. TRANCOUNT
option allows you to set a specific number of transactions to be fetched from SQL Server CDC tables at a time. This feature allows installing the Oracle GoldenGate Heartbeat implementation for a database used as a target only, and does not enable features that would be necessary for a source database implementation of the Heartbeat table.
The following options are now available for heartbeat tables from the GGSCI Command Interface: ADD HEARTBEATTABLE [TARGETONLY]
ALTER HEARTBEATTABLE [TARGETONLY|NOTARGETONLY]
Oracle GoldenGate for SQL Server can now run on Linux, providing remote Capture and Delivery support for SQL Server running on Windows.
The Microsoft ODBC drivers for SQL Server are now supported by Extract and Replicat.
- SQL Server CDC Object Versioning
- Oracle GoldenGate now provides a version tracking subsystem to track the CDC objects that are placed on the database. If the version numbers don't match, the Extract abends with an error, which requires
TRANDATA
be reissued for existing tables previously enabled with supplemental logging.
Delivery support for Oracle TimesTen 18c for both Classic and Scaleout Architectures is available.
Support for online
TABLE CREATE
, DROP
and ADD
, ALTER
, DROP COLUMN
commands in the Extract without stopping and restarting the Extract to get the new table metadata for the Extract. Full table version history is supported. This feature is controlled using the TRANLOGOPTIONS TRACKSCHEMACHANGES
parameter. 2.1.3 Release 19c (19.1.0) - May 2019 Initial Release
Oracle GoldenGateMicroservices Architecture provides integration with various Key Management Services (KMS) such as OCI and Oracle Key Vault to centralize and manage encryption keys. See Using a KMS with Oracle GoldenGate MA.
Target-initiated paths for microservices enable the Receiver Server to initiate a path to the Distribution Service on the target deployment and pull trail files. This feature allows the Receiver Server to create a target initiated path for environments such as Demilitarized Zone Paths (DMZ) or Cloud to on-premise, where the Distribution Server in the source Oracle GoldenGate deployment cannot open network connections in the target environment to the Receiver Server due to network security policies.
ADD RECVPATH
START RECVPATH
STOP RECVPATH
DELETE RECVPATH
ALTER RECVPATH
OBEY
Admin Client command) so that the username and password does not need to be included in the script itself, and instead you can use an alias : ADD CREDENTIALS
INFO CREDENTIALS
DELETE CREDENTIALS
The command
The following commands have been added to allow users with security role to enable and disable services for any update operation by non-secure users. UPGRADE HEARTBEATTABLE
is available to alter heartbeat table generated by the ADD HEARTBEATTABLE
command using a previous Oracle GoldenGate release. DISABLE SERVICE
ENABLE SERVICE
ADD PROFILE
DELETE PROFILE
ADD ENCRYPTIONPROFILE
DELETE ENCRYPTIONPROFILE
ALTER ENCRYPTIONPROFILE
- New column conversion function @BINTOBASE64
- New column conversion function to convert supplied binary data into BASE64 text.
- New LAG TASK feature
- Oracle GoldenGate Microservices now has the lag tasks feature in the Tasks tab, which allows you to set up the thresholds for lag in each Extract, Replicat, or Distribution Path processes.
- TLS 1.2 Support
- TLS 1.2 is now the default for secured deployments in Microservices.
The REST API endpoints have been enhanced to retrieve active transaction and current system change number details from the database. These endpoints are used to enhance the file-based initial load process.
The REST API endpoints are accessed from the Administration Server and are:
Manage Instantiation CSN
(/services/{version}/connections/{connection}/databases/{database}/{schema}/{table}/instantiationCsn)
Retrieve Active Transaction Details
(/services/{version}/connections/{connection}/activeTransactions)
This is controlled by the
INSERTUPSERTS
parameter and is disabled by default. It's supported only by Kafka at this time. - New HEARTBEATTABLE Option
- The
UPGRADE HEARTBEATTABLE
option is now available for heartbeat tables from the GGSCI Command Interface:
The consistent SCN used for the initial load is automatically stored in the report file generated by an initial load Extract, so it can be used to precisely position the Extract and Replicat processes to avoid duplicate records.
This feature allows the current Extract restart position to allow Replicats to maintain a more recent source restart position and minimize the redo retention periods, This enhancement is enabled by default for new heartbeat tables. Existing heartbeat tables are upgraded. to support this enhancement. The enhanced heartbeat tables interoperate with heartbeat tables in deployments running older version of the Oracle GoldenGate.
With more recent restart positions, you can configure deleting tombstone tables for Automatic Conflict Detection Resolution (ACDR) tables (an Oracle-to-Oracle CDR feature) to be purged more aggressively. For this feature to work, both the source and target versions of Oracle GoldenGate must be 19c or higher.
![Openssl timestamp patch download Openssl timestamp patch download](/uploads/1/2/5/8/125853124/305237349.png)
![Timestamp Timestamp](http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20160108/262a4cb8/attachment-0001.png)
When the Integrated Extract process is running in Oracle Database 19c with Oracle GoldenGate 19c, it can capture from redo logs with COMPATABILITY 11.2.0.4 or higher. This implies that an Oracle GoldenGate cloud environment configured on Linux can perform remote capture from any endian platform including Linux, Windows, AIX, Tru64, OpenVMS, solaris SPARC, Solaris x86, HP-UX, and so on, running Oracle Database. This also works with both multitenant and non-CDB architectures.
- Support for TIMESTAMP (12)
- Oracle GoldenGate for DB2 for i now supports TIMESTAMP (12)
The
DBOPTIONS USEDATABASEENCODING
parameter is introduced to allow Extract to store all text data in the trail in its native character encoding for non-DBCS data. The
TRANLOGOPTIONS BUFSIZE
parameter is available with DB2 for i. Extract efficiency has been substantially improved over previous releases. Throughput is enhanced while reducing overall processing resources for the same workload.
Difference in throughput between the default conversion of text to
UNICODE
and ‘COLCHARSET(PASSTHRU,*’)
, which does not convert text, has been substantially reduced for Oracle GoldenGate supported character sets. AES encryption, credential store, and Oracle Wallet are now available.
This parameter sets the maximum number of records that are included in an implicitly created transaction. This affects the maximum number of records that are not part of an explicit transaction (have a 0 CCID) can be grouped together into a single implicit transaction.
System sequence number is no longer required for single journal Extracts. It is recommended that you use
RCVSIZOPT(*MAXOPT3)
for their journals to enable a full 64-bit journal sequence number which will eliminate the need to reset journal sequence numbers periodically. DECFLOAT
data type is supported. Oracle GoldenGate can automatically map
DECFLOAT
to any other numeric datatype, however, it may have more precision or larger values. Ensure that target datatype can support the values that are being inserted into the source. @COMPUTE
on DECFLOAT
can only be used on values that are 17 digits or fewer. You may need to use @STRNUM
some cases. SHOWTRANS
, SKIPTRANS
, FORCETRANS
are supported. - Support for TIMESTAMP (12)
- Oracle GoldenGate for DB2 LUW now supports TIMESTAMP (12).
DECFLOAT
data type is supported. Oracle GoldenGate can automatically map
DECFLOAT
to any other numeric datatype, however, it may have more precision or larger values. Ensure that target datatype can support the values that are being inserted into the source. @COMPUTE
on DECFLOAT
can only be used on values that are 17 digits or fewer. You may need to use @STRNUM
some cases. - LRT support
- LRT features
SHOWTRANS
,SKIPTRANS
,FORCETRANS
is supported.
Support for online
TABLE CREATE
, DROP
and ADD
, ALTER
, DROP COLUMN
commands in the Extract without stopping and restarting the Extract to get the new table metadata for the Extract. Full table version history is supported. - Support for TIMESTAMP (12)
- Oracle GoldenGate for DB2 z/OS supports TIMESTAMP (12).
- Support for TIME ZONE WITH TIMESTAMP
- Oracle GoldenGate for DB2 z/OS now supports
TIME ZONE WITH TIMESTAMP
.
- LRT support
- LRT features
SHOWTRANS
,SKIPTRANS
,FORCETRANS
is supported.
DECFLOAT
data type is supported. Oracle GoldenGate can automatically map
DECFLOAT
to any other numeric datatype, however, it may have more precision or larger values. Ensure that target datatype can support the values that are being inserted into the source. @COMPUTE
on DECFLOAT
can only be used on values that are 17 digits or fewer. You may need to use @STRNUM
some cases. - MySQL
- Two-way SSL Support in MySQL Capture and Delivery
- Oracle GoldenGate for MySQL supports an SSL connection of Extract or Replicat to the MySQL database server.
- MySQL 8.0 Support
- Oracle GoldenGate supports MySQL 8.0.
2.2 Default Behavior Changes
This section describes the default behavior changes made to Oracle GoldenGate in relation to the last release.
- Release 19c (19.1.0) - September 2019
- Release 19c (19.1.0) - May 2019 Initial Release
2.2.1 Release 19c (19.1.0) - September 2019
The
INFO HEARTBEATTABLE
command for SQL Server now reports heartbeat frequency interval, purge frequency interval, and retention time. For SQL Server, the default
QUERYTIMEOUT
has been extended from 30 seconds to 300 seconds. Extract for SQL Server will abend if it detects a difference in table structure between the source table and the Change Data Capture table.
For SQL Server, TLS 1.2 connection support, if enabled, is provided automatically by the Extract and Replicat.
Oracle GoldenGate for MySQL has a dependency on OpenSSL library, so availability of OpenSSL library is a prerequisite.
Linux: Set
LD_LIBRARY_PATH
to include the path where OpenSSL library is installed. Windows: For MySQL 8.0 and higher, the OpenSSL library is shipped with MySQL server and is kept in the
bin
directory of the MySQL home directory. You must ensure that the location of the OpenSSL is added to the path environment variable. For example,
D:pathtoMySQLServer_install_dirbin
directory needs to be added to the PATH
environment variable. Alternatively, you can install the latest MySQL C++ connector (MySQL 8.0 or greater), which contains OpenSSL library and make sure that the location of the OpenSSL is added to the path environment variable. For example,
C:Program FilesMySQLConnector C++ 8.0lib64
directory needs to be added to the PATH
environment variable. With MySQL 5.7 or less, you need to install the latest MySQL C++ connector (MySQL 8.0 or greater), which contains the OpenSSL library and make sure that location of the OpenSSL is added to the
PATH
environment variable. For example: C:Program FilesMySQLConnector C++ 8.0lib64
directory needs to be added to the PATH
environment variable. Oracle GoldenGate for MySQL 8.0 has a dependency on OpenSSL library so the availability of this library is a prerequisite. You need to ensure that the library is installed on the system running Oracle GoldenGate and path to this library is set appropriately.
Constraints for Oracle GoldenGate user name have been removed but the maximum length is 512 characters. For Basic and Certificate type users there are no constraints on special characters for the user name in REST API.
However, in the Microservice Architecture web interface, the user name can only include specific special characters for a Basic type user. These characters are:
at sign (
@
), period (.
) , dash (-
), comma (,
), underscore (_
), number sign (#
), dollar sign ($
), plus sign (+
), backslash (
), slash (/
), equal sign (=
), less than sign (<
), or greater than sign (>
). 2.2.2 Release 19c (19.1.0) - May 2019 Initial Release
- Microservices implementation requires stronger passwords
- The passwords for users in Microservices implementation require stronger passwords, with a capital letter, a number, and a special character.
After Extract update, if a newer trail file format is specified then the primary Extract will automatically rollover to the next trail file and writer in the specified trail file format. There is no need to run the
ALTER EXTRACT ETROLLOVER
command. FORMAT RELEASE
option. This behavior change prevents subsequent Replicat to abend if replicat is not upgraded. _INFINITYTOZERO
parameter is no longer required. When Oracle GoldenGate detects the +INF
or -INF
values in an Oracle numeric field, it is handled automatically as if this parameter is already set. If the target is Oracle Replicat 19c release, +INF, and -INF are applied properly. For all other databases including older Oracle Replicat, 0 value is applied.
TIMESTAMP
with TIMEZONE
with region ID data is now supported for FETCH
and initial load. For details, see TRANLOGOPTIONS
in Reference for Oracle GoldenGateThis feature is enabled automatically if needed and you no longer need to specify
TRANLOGOPTIONS INCLUDEREGIONID
. For non-Oracle target, use TRANLOGOPTIONS INCLUDEREGIONIDWITHOFFSET
to convert region ID to time offset from UTC. - GETCTASDML option default setting
GETCTASDML
option available withTRANLOGOPTIONS
parameter is enabled by default.
NOALLOWNULLABLEKEYS
parameter is set to true
. This feature has been created to help customers easily identify tables that may be problematic due to multiple
NULL
values being allowed in a key column. Capture silently ignores the
binlog
events that are not written in the ROW
format instead of abending when it detects a binlog_format
other than ROW
. 2.3 Deprecated and Desupported Features and Parameters
This section describes the deprecated and no longer supported features of Oracle GoldenGate.
- Release 19c (19.1.0) - December 2019
- Release 19c (19.1.0) - September 2019
- Release 19c (19.1.0) - May 2019 Initial Release
2.3.1 Release 19c (19.1.0) - December 2019
Bug 30600725 - UDT protocol between Distribution Server and Receiver Server has been deprecated
In the Oracle GoldenGate Microservices Architecture 19c (19.1.0), the UDT protocol that the Distribution Server uses for sending trails files has been deprecated.
Workaround
Use the wss, ws or ogg protocol instead of UDT because this feature will be desupported in the next major Oracle GoldenGate release.
Parent topic:Deprecated and Desupported Features and Parameters
2.3.2 Release 19c (19.1.0) - September 2019
For
DBOPTIONS
, the DRIVER SQLNCLI11
parameters have been deprecated. TLS 1.2 connection support, if enabled, is provided automatically with an Extract and Replicat. The transaction log based Extract (Classic Extract) is desupported and the Extract that uses Change Data Capture (CDC Extract) that was introduced with Oracle GoldenGate 12c (12.3.0.1) will be used for Oracle GoldenGate for SQL Server going forward.
Parent topic:Deprecated and Desupported Features and Parameters
2.3.3 Release 19c (19.1.0) - May 2019 Initial Release
NOADDTRANDATA
option of ADD HEARTBEATTABLE
has been deprecated. TRANLOGOPTIONS INCLUDEREGIONID
parameter is deprecated. The parameter is not required to capture Oracle TIMESTAMP
with TIME ZONE
with region ID time zone value. If the parameter is specified, a warning message is issued at startup. TIMESTAMP
with TIMEZONE
with region ID data is now supported for FETCH
and initial load. For details, see TRANLOGOPTIONS
in Reference for Oracle GoldenGate. Parent topic:Deprecated and Desupported Features and Parameters
Internet protocol suite |
---|
Application layer |
Transport layer |
Internet layer |
|
Link layer |
|
The Time-Stamp Protocol, or TSP is a cryptographicprotocol for certifying timestamps using X.509 certificates and public key infrastructure. The timestamp is the signer's assertion that a piece of electronic data existed at or before a particular time.
External links[edit]
- IETFRFC 3161, official specification
- IETFRFC 5816, ESSCertIDv2 Update for RFC 3161
- [1] Documentation for the OpenSSLts(1) command.
- OpenTSA was an open-source project to add time stamping functionalities to OpenSSL. (Archived July 12, 2012, at the Wayback Machine)
Retrieved from 'https://en.wikipedia.org/w/index.php?title=Time_stamp_protocol&oldid=843431040'