--keyring-migration-destination=plugin

The destination keyring plugin or component for key migration. See Section 8.4.5.13, “Migrating Keys Between Keyring Keystores”. The option value interpretation depends on whether --keyring-migration-to-component or --keyring-migration-from-component is specified:

--keyring-migration-from-component

Indicates that a key migration is from a keyring component to a keyring plugin. This option makes it possible to migrate keys from a keyring component to a keyring plugin.

For migration from a keyring plugin to a keyring component, use the --keyring-migration-to-component option. For key migration from one keyring component to another, use the mysql_migrate_keyring utility. See Section 8.4.5.13, “Migrating Keys Between Keyring Keystores”.

--keyring-migration-host=host_name

The host location of the running server that is currently using one of the key migration keystores. See Section 8.4.5.13, “Migrating Keys Between Keyring Keystores”. Migration always occurs on the local host, so the option always specifies a value for connecting to a local server, such as localhost, 127.0.0.1, ::1, or the local host IP address or host name.

--keyring-migration-password[=password]

The password of the MySQL account used for connecting to the running server that is currently using one of the key migration keystores. See Section 8.4.5.13, “Migrating Keys Between Keyring Keystores”.

The password value is optional. If not given, the server prompts for one. If given, there must be no space between --keyring-migration-password= and the password following it. If no password option is specified, the default is to send no password.

Specifying a password on the command line should be considered insecure. See Section 8.1.2.1, “End-User Guidelines for Password Security”. You can use an option file to avoid giving the password on the command line. In this case, the file should have a restrictive mode and be accessible only to the account used to run the migration server.

--keyring-migration-port=port_num

For TCP/IP connections, the port number for connecting to the running server that is currently using one of the key migration keystores. See Section 8.4.5.13, “Migrating Keys Between Keyring Keystores”.

--keyring-migration-socket=path

For Unix socket file or Windows named pipe connections, the socket file or named pipe for connecting to the running server that is currently using one of the key migration keystores. See Section 8.4.5.13, “Migrating Keys Between Keyring Keystores”.

--keyring-migration-source=plugin

The source keyring plugin for key migration. See Section 8.4.5.13, “Migrating Keys Between Keyring Keystores”.

The option value is similar to that for --plugin-load, except that only one plugin library can be specified. The value is given as plugin_library or name=plugin_library, where plugin_library is the name of a library file that contains plugin code, and name is the name of a plugin to load. If a plugin library is named without any preceding plugin name, the server loads all plugins in the library. With a preceding plugin name, the server loads only the named plugin from the library. The server looks for plugin library files in the directory named by the plugin_dir system variable.

--keyring-migration-to-component

Indicates that a key migration is from a keyring plugin to a keyring component. This option makes it possible to migrate keys from a keyring plugin to a keyring component.

For migration from a keyring component to a keyring plugin, use the --keyring-migration-from-component option. For key migration from one keyring component to another, use the mysql_migrate_keyring utility. See Section 8.4.5.13, “Migrating Keys Between Keyring Keystores”.

--keyring-migration-user=user_name

The user name of the MySQL account used for connecting to the running server that is currently using one of the key migration keystores. See Section 8.4.5.13, “Migrating Keys Between Keyring Keystores”.