SSL has become the de facto term to mean an end-to-end encrypted channel
regardless of protocol used, even though the SSL protocol is deprecated.
Clarify what we mean with SSL in our documentation, especially for new
users who might be looking for TLS.
Reviewed-by: Robert Haas
Discussion: https://postgr.es/m/
D4ABB281-6CFD-46C6-A4E0-
8EC23A2977BC@yesql.se
SSL
- See for more information about setting up SSL.
+ See for more information about setting up
+
SSL. The configuration parameters for controlling
+ transfer encryption using
TLS protocols are named
+ ssl for historic reasons, even though support for
+ the
SSL protocol has been deprecated.
+
SSL is in this context used interchangeably with
+ TLS
PostgreSQL has native support for using
SSL
- connections to encrypt client/server communications for increased
- security. See for details about the server-side
+ connections to encrypt client/server communications using
+
TLS protocols for increased security.
+ See for details about the server-side
+ TLS
enabled at build time (see ).
+ The terms
SSL and
TLS are often used
+ interchangeably to mean a secure encrypted connection using a
+
TLS protocol.
SSL protocols are the
+ precursors to
TLS protocols, and the term
+
SSL is still used for encrypted connections even though
+
SSL protocols are no longer supported.
+
SSL is used interchangeably with
TLS+
+
Basic Setup
With
SSL support compiled in, the
PostgreSQL server can be started with
-
SSL enabled by setting the parameter
+ support for encrypted connections using
TLS protocols
+ enabled by by setting the parameter
to on in
postgresql.conf. The server will listen for both normal
and
SSL connections on the same TCP port, and will negotiate
projects / postgresql.git / commitdiff