HI Sorry should have mentioned that the InnoDB logs are not encrypted show variables like '%encrypt%'; +------------------------------------------+---------+ | Variable_name | Value | +------------------------------------------+---------+ | aria_encrypt_tables | OFF | | encrypt_binlog | OFF | | encrypt_tmp_disk_tables | OFF | | encrypt_tmp_files | OFF | | file_key_management_encryption_algorithm | aes_cbc | | innodb_default_encryption_key_id | 1 | | innodb_encrypt_log | OFF | | innodb_encrypt_tables | ON | | innodb_encryption_rotate_key_age | 1 | | innodb_encryption_rotation_iops | 100 | | innodb_encryption_threads | 0 | +------------------------------------------+————+ The the table is encrypted: select * -> from information_schema.innodb_tablespaces_encryption -> where encryption_scheme=1 -> ; +-------+----------------------+-------------------+--------------------+-----------------+---------------------+--------------------------+------------------------------+----------------+ | SPACE | NAME | ENCRYPTION_SCHEME | KEYSERVER_REQUESTS | MIN_KEY_VERSION | CURRENT_KEY_VERSION | KEY_ROTATION_PAGE_NUMBER | KEY_ROTATION_MAX_PAGE_NUMBER | CURRENT_KEY_ID | +-------+----------------------+-------------------+--------------------+-----------------+---------------------+--------------------------+------------------------------+----------------+ | 35 | mytest/customers_big | 1 | 1 | 1 | 1 | NULL | NULL | 1 | +-------+----------------------+-------------------+--------------------+-----------------+---------------------+--------------------------+------------------------------+----------------+ 1 row in set (0.00 sec) Mysqldump works fine to backup data but of course it dumps it into plain text and it’s generally a rubbish backup method. Kind Regards Lee

On 1 Jun 2016, at 16:13, Guillaume Lefranc wrote:

Hello,

on the contrary, it is clearly stated:

Percona XtraBackup cannot back up instances that use encrypted InnoDB log files.

So, either don't encrypt the log files (potentially unsafe), or use filesystem backups.

Regards GL

On Wed, Jun 1, 2016 at 5:02 PM Lee Bennett mailto:lee@gravity667.com> wrote: Hi

We are in the process of setting up data at rest encryption encryption with MariaDB 10.1.13 so we can encrypt specific table. This works without any problem however when I try and backup with Percona Xtrabackup it fails saying table appears to be corrupted:

60601 14:53:46 [01] ...done 160601 14:53:46 [01] Streaming ./mytest/customers_big.ibd [01] xtrabackup: Database page corruption detected at page 1, retrying... [01] xtrabackup: Database page corruption detected at page 1, retrying... 160601 14:53:46 >> log scanned up to (3146117051) [01] xtrabackup: Database page corruption detected at page 1, retrying... [01] xtrabackup: Database page corruption detected at page 1, retrying... [01] xtrabackup: Database page corruption detected at page 1, retrying... [01] xtrabackup: Database page corruption detected at page 1, retrying... [01] xtrabackup: Database page corruption detected at page 1, retrying... [01] xtrabackup: Database page corruption detected at page 1, retrying... [01] xtrabackup: Database page corruption detected at page 1, retrying... [01] xtrabackup: Error: failed to read page after 10 retries. File ./mytest/customers_big.ibd seems to be corrupted. [01] xtrabackup: Error: xtrabackup_copy_datafile() failed. [01] xtrabackup: Error: failed to copy datafile.

This says to me that Xtrabackup isn’t compatible with MariaDB encryption however the documents kind of give the impression it is: https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/ https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/

Regards Lee _______________________________________________ Mailing list: https://launchpad.net/~maria-discuss https://launchpad.net/~maria-discuss Post to : maria-discuss@lists.launchpad.net mailto:maria-discuss@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-discuss https://launchpad.net/~maria-discuss More help : https://help.launchpad.net/ListHelp https://help.launchpad.net/ListHelp -- Guillaume Lefranc Remote DBA Services Manager MariaDB Corporation