| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | ROS Didier <didier(dot)ros(at)edf(dot)fr> |
| Cc: | "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: PostgreSQL : encryption with pgcrypto |
| Date: | 2018-06-25 14:22:33 |
| Message-ID: | 20180625142233.GD20745@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Thu, May 17, 2018 at 07:07:00AM +0000, ROS Didier wrote:
> Hi
>
> Regarding the encryption of data by pgcrypto, I would like to
> know the recommendations for the management of the key.
>
> Is it possible to store it off the PostgreSQL server?
>
> Is there the equivalent of Oracle "wallet" ?
Late reply, but the last presentation on this page shows how to use
cryptographic hardware with Postgres:
https://momjian.us/main/presentations/security.html
You could modify that to use a key management system (KMS).
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Anto Aravinth | 2018-06-25 14:25:25 | Re: Using COPY to import large xml file |
| Previous Message | Akshaya Acharya | 2018-06-25 08:16:06 | Re: Too many range table entries error |