Updated on 2024-10-18 GMT+08:00

SSL-encrypted Data Transmission

GaussDB(DWS) supports the standard SSL. As a highly secure protocol, SSL authenticates bidirectional identification between the server and client using digital signatures and digital certificates to ensure secure data transmission. To support SSL connection, GaussDB(DWS) has obtained the formal certificates and keys for the server and client from the CA certification center. It is assumed that the key and certificate for the server are server.key and server.crt respectively; the key and certificate for the client are client.key and client.crt respectively, and the name of the CA root certificate is cacert.pem.

The SSL mode delivers higher security than the common mode. By default, the SSL function is enabled in a cluster to allow SSL or non-SSL connections from the client. For security purposes, you are advised to enable SSL connection. The server certificate, private key, and root certificate have been configured in GaussDB(DWS) by default.

For details, see Establishing Secure TCP/IP Connections in SSL Mode.