MySQL
MySQL supports transparent data encryption, which provides data-at-rest encryption for physical tablespace data files. This feature uses a two-tier encryption key architecture, consisting of a master encryption key and tablespace keys. When a table is encrypted, a tablespace key is encrypted and stored in the tablespace header. When an application user wants to access the encrypted tablespace data, a master encryption key is used to decrypt the tablespace key. When integrated with CipherTrust Manager, the master encryption key resides on CipherTrust Manager.
Supported Product Versions
Note
The integration is performed and certified on LTS release versions of CipherTrust Manager only. Feature releases support the integration and are covered under technical support but will not be explicitly certified. To know more about CipherTrust Manager release versions, click here.
CipherTrust Manager
- CipherTrust Manager 2.3 and higher
MySQL Version
- MySQL 8.0.27 and higher
Prerequisites
Ensure that the CipherTrust Manager is installed and configured. For more details, refer to the CipherTrust Manager documentation for details.
Ensure that the KMIP interface is configured on the CipherTrust Manager. MySQL communicates with the CipherTrust Manager using the KMIP interface. Refer to the CipherTrust Manager documentation for details.
IP address of the CipherTrust Manager and port of the KMIP interface are accessible from MySQL.
Ensure that KMIP client is registered. CipherTrust Manager recognizes only registered KMIP clients. Refer to KMIP Client Registration for details.
