MySQL

Encryption

To enable MySQL encryption. Add to the file /etc/mysql/mysql.conf.d/mysqld.cnf those lines:

early-plugin-load=keyring_file.so
default_table_encryption=ON

Then, we will restart the service: systemctl restart mysql

Connect to the MySQL and check if the encryption is enabled:

SELECT PLUGIN_NAME, PLUGIN_STATUS
FROM INFORMATION_SCHEMA.PLUGINS
WHERE PLUGIN_NAME LIKE 'keyring%';

SHOW GLOBAL VARIABLES like '%encryption%';

The key is stored in /var/lib/mysql-keyring/keyring