[Encrypted InnoDB tablespace backups] keyring_file dependency should be documented
Bug #1656282 reported by
Laurynas Biveinis
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Percona XtraBackup moved to https://jira.percona.com/projects/PXB | Status tracked in 2.4 | |||||
2.4 |
Triaged
|
Medium
|
Unassigned |
Bug Description
[In:/doc/
Currenly, the doc page discusses taking backups of encrypted tablespaces without mentioning anything about server keyrings in use. That XB introduces keyring_file_data option, implies that it works only with keyring_file and not with any other keyring plugin. This should be documented.
To post a comment you must log in.
Eventually, xtrabackup should support keyring plugins.
Another option is to fetch master keys from server itself using 'keyring_key_fetch' from recently introduced keyring_udf and re-encrypt tablespace keys with the backup master key provided at the time of backup.
As for current implementation, we should state that it only works with default keyring file plugin.