12 July,2022 by Rambler
PostgreSQL supports SSL connections. PostgreSQL has a concept of SSL modes , each mode serves a different objective . Starting from no encryption - sslmode = Disable , right through to sslmode=verify-full which encrypts data and also verifies the server.
To utilise the SSL it is necessary to apply some configuration changes to PostgreSQL .
There are different levels of ssl modes supported by PostgreSQL. These different modes are used to achieve different objectives.
As an example - This is an image of the SSL tab on the pgAdmin Connection configuration tab.The SSL mode tab has a list of values - each one representing the different modes for the connection configuration. The PostgreSQL server side configuration will define which SSL modes are allowed for any given connection to the target PostgreSQL
Utilize the different modes according to the level of protection required . Depending on the level of protection required - there is an exchange between performance and security. Read the PostgreSQL documentation for a deep dive on ssl and what each modes seeks to protect - ranging from data encryption , eavesdropping and man in the middle attacks
To configure SSL on standalone PostgreSQL server review the Secure TCP/IP Connections with SSL
In How to view a PostgreSQL connection SSL status I looked at how you can check a connection's SSL status and on AWS PostgreSQL encryption there is information about the SSL status of various AWS Postgresql flavours.
This is only a preview. Your comment has not yet been posted.
As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.
Having trouble reading this image? View an alternate.
Posted by: |