I want to upgrade my 5.7 to 8.0 and for now the sst auth on the 5.7 nodes using plaintext authentication (wsrep_sst_auth) but maybe for the initial step i will disable the pxc-encrypt-cluster-traffic and i will enable it again later when the node already uses version 8.0.
So is that possible to changing the SST auth mechanism from plaintext to SSL without downtime? Is there any way to do that?
This option no longer exists in PXC 8. You should remove it from your config before upgrading to 8. SST authentication is handled automatically by the wsrep_sst process. A new, temporary user, is automatically created for the duration of the SST.
ah yeah i’m actually aware of that, so let say i already used pxc 8 without ssl encryption. So, it is possible if i enable the encryption later without downtime?