We should document how to safely disable InnoDB encryption in a Galera Cluster environment. It is not currently documented:
I suspect that the process would go like this:
1.) Stop all nodes in the cluster except 1.
2.) Make sure that all Aria tables are decrypted. Requires
3.) Make sure that all InnoDB tables are decrypted. Requires
4.) Make sure that InnoDB redo logs are decrypted. Requires
5.) Make sure that binary logs are decrypted. Requires
6.) Uninstall key management plugins, if desired.
7.) Force other nodes to SST using a physical SST method, such as mariabackup, rsync, xtrabackup-v2.