In MySQL 8.0.18, we enhanced the Group Communication System (GCS) layer used by Group Replication (GR) with the ability to use and configure member-to-member connections using TLS v1.3. Therefore, you can secure further your system’s communication with the latest security algorithms.…
Category Archives: Security
Replication with restricted privileges
Up until MySQL 8.0.18, the slave executes replicated transactions without checking privileges. It does so to be able to apply everything that its upstream server (the master) tells it to. In practice this means that the slave fully trusts its master.…
How to manually decrypt an encrypted binary log file
The encrypted binary log file format introduced in MySQL version 8.0.14 was designed to allow a “manual” decryption of the file data when the value of the key that encrypted its file password is known.
Each encrypted binary (or relay) log file is composed by an encrypted binary log file header and the encrypted binary log content (the file data).…
Binary log encryption at rest
Starting in version 8.0.14, MySQL server can encrypt all new binary and relay log files on disk. In order to do so, you just need to enable the new binlog_encryption
option (and also ensure that you have a keyring).…
New! MySQL Utilities Now Supports SSL and Configuration Files
The MySQL Utilities Team is pleased to announce a new release that contains our newest features – SSL and configuration file support. These were added to release-1.5.0-alpha.
How can I make a secure connection to my server via Utilities?
Use the new SSL command-line options that are available for all utilities:
–ssl-ca : The path to a file that contains a list of trusted SSL certificate authorities.…