cockroach debug encryption-active-key

On this page Carat arrow pointing down
Warning:
Cockroach Labs will stop providing Assistance Support for v21.2 on May 16, 2023. Prior to that date, upgrade to a more recent version to continue receiving support. For more details, see the Release Support Policy.

The cockroach debug encryption-active-key command displays the encryption algorithm and store key for an encrypted store.

Synopsis

$ cockroach debug encryption-active-key [path specified by the store flag]

Subcommands

While the cockroach debug command has a few subcommands, users are expected to use only the zip, encryption-active-key, merge-logs, list-files, tsdump, and ballast subcommands.

We recommend using the job-trace subcommand only when directed by the Cockroach Labs support team.

The other debug subcommands are useful only to CockroachDB's developers and contributors.

Example

Start a node with encryption-at-rest enabled:

icon/buttons/copy
$ cockroach start --store=cockroach-data --enterprise-encryption=path=cockroach-data,key=aes-128.key,old-key=plain --insecure --certs-dir=certs

View the encryption algorithm and store key:

icon/buttons/copy
$ cockroach debug encryption-active-key cockroach-data
AES128_CTR:be235c29239aa84a48e5e1874d76aebf7fb3c1bdc438cec2eb98de82f06a57a0

See also


Yes No
On this page

Yes No