Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.1.4
-
CentOS 7 64 Bit
Description
Hi All,
Been playing with encryption in 10.1.4 today and there’s a few issues…
Firstly the manual gives the following example…
“Example my.cnf to enable XtraDB encryption:
[mysqld]
|
file-key-management
|
file-key-management-filename = /mount/usb1/keys.txt
|
innodb-encrypt-tables
|
innodb-encrypt-logs
|
innodb-encryption-threads=4”
|
But doesn’t make mention of the fact you need to add..
plugin-load-add=file_key_management.so
|
for this to work.
Secondly…
With this config..
plugin-load-add=file_key_management.so
|
file_key_management
|
file_key_management_filename = /home/rcampbel/key.enc
|
file_key_management_filekey = FILE:/home/rcampbel/keyfile.txt
|
file_key_management_encryption_algorithm = AES_CBC
|
innodb-encrypt-tables
|
innodb-encrypt-logs
|
innodb-encryption-threads = 4
|
I receive the following error…
ERROR Innodb: Tablespace id 0 encrypted but encryption service not available. Can’t continue opening tablespace.”
|
Then if I comment out inndob-encrypt-tables we get a step further but it complains..
“unknown option –innodb-encrypt-logs” <- documentation for 10.1.4 says different
|
If I change this to…
innodb-encrypt-log
|
The server then starts up successfully. Here’s a snip of some relevant variables…
After this I do seem to be able to dynamically set innodb_encrypt_tables and create an encrypted table…
Then adding both, or either one of…
aria-encrypt-tables=1
|
encrypt-tmp-disk-tables=1
|
Results in a crash on startup…
Attachments
Issue Links
- relates to
-
-
- Closed
-