On this page
Warning:
As of November 18, 2022, CockroachDB v21.1 is no longer supported. For more details, refer to the Release Support Policy.
The cockroach debug encryption-active-key
command displays the encryption algorithm and store key for an encrypted store.
Synopsis
$ cockroach debug encryption-active-key [path specified by the store flag]
Subcommands
While the cockroach debug
command has a few subcommands, users are expected to use only the zip
, encryption-active-key
, merge-logs
, list-files
, and ballast
subcommands.
The other debug
subcommands are useful only to CockroachDB's developers and contributors.
Example
Start a node with encryption-at-rest enabled:
$ cockroach start --store=cockroach-data --enterprise-encryption=path=cockroach-data,key=aes-128.key,old-key=plain --insecure --certs-dir=certs
View the encryption algorithm and store key:
$ cockroach debug encryption-active-key cockroach-data
AES128_CTR:be235c29239aa84a48e5e1874d76aebf7fb3c1bdc438cec2eb98de82f06a57a0