MySQL Forums
Forum List  »  InnoDB clusters

Re: Issue InnoDB cluster + Encrypted tables (TDE) - keyring_okv
Posted by: Georgi Kodinov
Date: June 21, 2019 01:38AM

The Innodb tablespace keys (as well as the rest of the keys the server uses) are "local" to the server instance.
When you replicate (as you do with innodb cluster) the data gets decrypted by the master before being re-encrypted and sent over the wire to the slave that re-encrypts it with its local key before storing it into the innodb table.

So IMHO you shouldn't expect that the keys will replicate too.

I'll leave it to my innodb colleagues to explain when exactly does the key propagate through the keyring plugin to OKV when you create a table with ENCRYPTION='y'

Georgi "Joro" Kodinov
MySQL SrvGen team lead
Plovdiv, Bulgaria

Options: ReplyQuote

Written By
Re: Issue InnoDB cluster + Encrypted tables (TDE) - keyring_okv
June 21, 2019 01:38AM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.