[MDEV-17269] Document how to safely decrypt InnoDB tables Created: 2018-09-21 Updated: 2018-12-17 Resolved: 2018-12-17 |
|
| Status: | Closed |
| Project: | MariaDB Server |
| Component/s: | Documentation - Support, Encryption, Storage Engine - InnoDB |
| Fix Version/s: | N/A |
| Type: | Task | Priority: | Major |
| Reporter: | Geoff Montee (Inactive) | Assignee: | Kenneth Dyer (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Issue Links: |
|
||||||||||||||||||||
| Description |
|
We should document how to safely decrypt InnoDB tables. The documentation doesn't currently say: https://mariadb.com/kb/en/library/encrypting-data-for-innodb-xtradb/ It looks like the process would go like this: 1.) Set innodb_encrypt_tables=OFF:
Make sure to also set it in the configuration file. https://mariadb.com/kb/en/library/xtradbinnodb-server-system-variables/#innodb_encrypt_tables 2.) Make sure innodb_encryption_threads>0 is set:
https://mariadb.com/kb/en/library/xtradbinnodb-server-system-variables/#innodb_encryption_threads 3.) Make sure that innodb_encryption_rotate_key_age=1 is set:
4.) Check for individual tables that have explicitly been encrypted:
5.) For each table that has explicitly been encrypted, explicitly decrypt it:
6.) Allow the background encryption threads to decrypt all tables. You will know all tables are decrypted when the following query returns 0 rows:
|
| Comments |
| Comment by Geoff Montee (Inactive) [ 2018-12-17 ] |
|
https://mariadb.com/kb/en/library/encrypting-data-for-innodb-xtradb/#disabling-encryption |