MySQL 8.0 Reference Manual Including MySQL NDB Cluster 8.0

5.6.8.2 The Keyring Service

MySQL Server supports a keyring service that enables internal server components and plugins to securely store sensitive information for later retrieval. MySQL distributions provide a keyring interface that is accessible at two levels:

This section describes how to use the keyring service functions to store, retrieve, and remove keys in the MySQL keyring keystore. For information about the SQL interface that uses UDFs, Section 6.4.4.9, “General-Purpose Keyring Key-Management Functions”. For general keyring information, see Section 6.4.4, “The MySQL Keyring”.

The keyring service uses whatever underlying keyring plugin is enabled, if any. If no keyring plugin is enabled, keyring service calls fail.

A record in the keystore consists of data (the key itself) and a unique identifier through which the key is accessed. The identifier has two parts:

The keyring service functions have these characteristics in common:

These keyring service functions are available: