Presented by:

A6f98bfb307b51393c9986e5bcdcf6c8

Andrew Dunstan

2ndQuadrant

Andrew has been contributing to PostgreSQL since 2002 and has been a committer since 2005. He has contributed in a many areas, including configuration and logging enhancements, dollar quoting, CSV import and export, improvements to plperl, the Windows port, rewriting the initdb and pg_ctl scripts in C, parallel pg_restore and most recently JSON features. He created and maintains the PostgreSQL Buildfarm.

No video of the event yet, sorry!
Download the Slides

This talk provides an introduction to setting up PostgreSQL and pgbouncer to use SSL securely and effectively. It will cover

  • what SSL provides - encryption and authentication
  • levels of SSL verification
  • client certificates and server certificates
  • use of self-signed certificates for testing
  • creation and use of Certificate Authorities
  • use of intermediate Certificate authorities
  • SSL cipher suites
  • server settings for SSL
  • libpq settings for SSL
  • multi-factor authentication with client certificates
  • setup of pgbouncer with server and client certificates
  • delegation of authentication to pgbouncer using a map

Date:
2019 September 20 14:00
Duration:
50 min
Room:
Market
Conference:
Silicon Valley 2019
Language:
Track:
Ops and Administration
Difficulty:
Medium