I have a requirement to encrypt certain column of DB tables. Going through the links, have followed the below steps:
In /etc/my.cnf
[mysqld]
plugin-load-add = file_key_management
file_key_management_filename = /etc/mysql/encryption/keyfile.enc
file_key_management_filekey = /etc/mysql/encryption/keyfile.key
file_key_management_encryption_algorithm = AES_CTR
Restarted the mysql
service mysqld restart
But i m unable to see the plugin added.
Executed the following mysql commands:
MariaDB [TestEncr]> CREATE TABLE table1 (col1 INT NOT NULL PRIMARY KEY, secret CHAR(200)) ENGINE=InnoDB ENCRYPTED=YES;
ERROR 1005 (HY000): Can't create table `TestEncr`.`table1` (errno: 140 "Wrong create options")
MariaDB [TestEncr]> install soname 'file_key_management';
ERROR 2 (HY000): Cannot decrypt /etc/mysql/encryption/keyfile.enc. Wrong key?
Unable to understand what is wrong???
Best Answer
If I understand the documentation correctly, you need to prefix the value of
file_key_management_filekey
with the literalFILE:
in order for the subsequent part of the value to be interpreted as a file path containing the password, as opposed to being interpreted as the actual password. So in your case it should be: