Multiple keys versions and rotation
This will let you know how to use store lockers to utilise the usage of the plugin to be able to use key versions.
In this guide it will allow you to use multiple key versions automatically
First you need to create a Locker on the Store
we will name it Keys inside it we have to only create keys starts with numbers, this represents the version that you will use later.
for example we have two keys, each one starts with a number
it should be numbers only
change your config file to have the locker allowed and make sure to change the vault-url too.
[mariadb]
plugin-load-add=onboardbase_key_management.so
# when using multiple key versions, make sure to have the global api
onboardbase-key-management-vault-url="https://public.onboardbase.com/api/v1/store/get"
onboardbase-key-management-token="store_HZ6EUG3GDUA7VG6B8MHH"
onboardbase-key-management-locker-key="keys"
then you should be know have key versioning
you could test out by
CREATE TABLE t3 (a VARCHAR(8)) ENGINE=InnoDB ENCRYPTED=YES ENCRYPTION_KEY_ID=2;
Updated about 1 month ago