Re: PG Database Encryption

Thanks depesz , Ron, Marco & others,

I tried the suggested option of TDE
<https://wiki.postgresql.org/wiki/Transparent_Data_Encryption> , to enable
Cluster Level Encryption. I had followed the "Installation from Source
Code" method with --with-ssl=openssl parameter to ./configure during build.

1. Please confirm the enabling encryption is possible only by install from
source with --with-ssl parameter?
2. I could enable encryption using PG 12 with patched version provided at
here
<https://www.cybertec-postgresql.com/en/products/postgresql-transparent-data-encryption/>
,
do we need to purchase the product or is it possible with Postgres source
shared at https://www.postgresql.org/ftp/source/v14.7/

We are using Ubuntu 22 and we will prefer to go with TDE cluster level
encryption, please advise can we try to implement it by install from source
( with shared source at https://www.postgresql.org/ftp/source/v14.7 ) or
need to purchasing TDE patched version is mandatory to enable cluster level
encryption?

Thanks a lot,
Ravi

On Thu, May 25, 2023 at 3:52 PM hubert depesz lubaczewski <depesz(at)depesz(dot)com>
wrote:

> On Thu, May 25, 2023 at 01:51:53PM +0530, Ravi GH wrote:
> > Seeking guidance in this regard on How to enable DataBase Encryption of
> > Postgresql DB. Can anyone guide me in this regard or share a few pointers
> > pages on "How to enable it" or any 3rd party tools that can do ths.
>
> Pg doesn't have anything like this now.
>
> What you can do, is:
> 1. Check https://wiki.postgresql.org/wiki/Transparent_Data_Encryption
> 2. Encrypt the filesystem/disk that the PG is on, using whatever tool
> your operating system provides.
>
> Best regards,
>
> depesz
>
>

--
"Give me the place to stand, and I shall move the earth" — Archimedes