Encrypt_binlog parameter issue on PXC 5.7

ibrisim · November 27, 2020, 6:55am

Hi guys,

I’m trying to enable bin log ecnryption (encrypt_binlog parameter) feature on Xtradb Cluster. Here is the version details;

OS : Ubuntu 18.04.5 LTS (Bionic Beaver)

Xtradb Relase : 5.7.31-31.45-3.bionic

wsrep_provider_version : 3.45(ra60e019)

I’m using the following parameters in the conf file.

Encryption parameters

early-plugin-load=keyring_file.so

keyring_file_data=/var/lib/mysql/keyring

encrypt_binlog=1

master_verify_checksum=1

binlog_checksum=1

with these settings I can’t bootstrap my first node. When I delete the encrypt_binlog parameter, it bootstraps without any error. When the parameter is enabled It didn’t write any thing in error log. Its fully empty.

I want to ask; can I use binary log encryption on PXC (5.7)?

Thanks,

Erman

eder_santos · November 27, 2020, 10:53am

Hello ibrisim,

Encrypting Binary Logs is available only for PXC 8.0.

On PXC 5.7 you have the option to use Data at Rest Encryption, but this is a different feature.

ibrisim · December 2, 2020, 6:18am

Hello @eder_santos ,

Bad news for me. Thanks for your reply.

Topic		Replies	Views
Bin_log question Percona XtraDB Cluster 8.x	1	578	October 11, 2021
Restoring nodes without keyring_file after shutdown after encrypted INSERT Percona XtraDB Cluster 5.x	4	670	October 18, 2019
Binary logging confusion Percona XtraDB Cluster 5.x	2	1286	April 30, 2014
Mysql backup encryption Percona XtraDB Cluster 8.x mysql , closed-no-reply	0	453	February 14, 2022
Encrypted backup configuration in PXC Cluster Resource Percona Operator for MySQL	6	48	August 1, 2024

Encrypt_binlog parameter issue on PXC 5.7

Encryption parameters

Related topics