[MXS-4140] Re-encrypt binlogs that use old key versions Created: 2022-05-19 Updated: 2023-10-04 Resolved: 2023-10-04 |
|
| Status: | Closed |
| Project: | MariaDB MaxScale |
| Component/s: | binlogrouter |
| Affects Version/s: | 22.08 |
| Fix Version/s: | N/A |
| Type: | New Feature | Priority: | Major |
| Reporter: | markus makela | Assignee: | Todd Stoffel (Inactive) |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | None | ||
| Description |
|
When a key rotation occurs, the old binlogs will be encrypted using the older versions of the key. The binlogrouter should have a background operation for re-encrypting old binlogs with the latest encryption key. This is similar to the InnoDB page re-encryption. Optionally, a manual command for re-encrypting a single binlog file could be added. |