May 2018
Intermediate to advanced
576 pages
30h 25m
English
The behavior of the client application regarding SSL is controlled by an environment variable, PGSSLMODE. This can have the following values, as defined in the official PostgreSQL documentation:
| SSL mode | Eavesdropping protection | MITM protection | Statement |
| disabled | No | No | I don't care about security, and I don't want to pay the overhead of encryption. |
| allow | Maybe | No | I don't care about security, but I will pay the overhead of encryption if the server insists on it. |
| prefer | Maybe | No | I don't care about encryption, but I wish to pay the overhead of encryption if the server supports it. |
| require | Yes | No | I want my data to be encrypted, and I accept the overhead. I trust that the network will ensure that I always ... |