MySQL
MySQL supports transparent data encryption, which provides data-at-rest encryption for physical tablespace data files. This feature uses a two-tier encryption key architecture, consisting of a master encryption key and tablespace keys. When a table is encrypted, a tablespace key is encrypted and stored in the tablespace header. When an application user wants to access the encrypted tablespace data, a master encryption key is used to decrypt the tablespace key. When integrated with CipherTrust Manager, the master encryption key resides on CipherTrust Manager.
Supported Product Versions
CipherTrust Manager
- CipherTrust Manager 2.3 and higher
MySQL Version
- MySQL 8.0.27 and higher
Operating System
- Red Hat Enterprise Linux 7
Prerequisites
Ensure that the CipherTrust Manager is installed and configured. For more details, refer to the CipherTrust Manager documentation for details.
Ensure that the KMIP interface is configured on the CipherTrust Manager. MySQL communicates with the CipherTrust Manager using the KMIP interface. Refer to the CipherTrust Manager documentation for details.
IP address of the CipherTrust Manager and port of the KMIP interface are accessible from MySQL.
Ensure that KMIP client is registered. CipherTrust Manager recognizes only registered KMIP clients. Refer to KMIP Client Registration for details.
