Final step of removing key management plugins from the configuration once all data and logs have been confirmed as unencrypted.
Once all data and logs have been decrypted, you can safely remove key management plugins, if desired. For example, if using the file key management plugin:
# Comment out or remove the following lines
plugin_load_add = file_key_management
file_key_management_filename = /etc/mysql/encryption/keyfileRestart the server after editing the configuration.
Ensure that all tables no longer report encryption in CREATE_OPTIONS.
Confirm that redo logs and binary logs are unencrypted by checking server variables and log headers.
Confirm that no key management plugin is loaded:
SHOW PLUGINS;Last updated
Was this helpful?
Was this helpful?