Enabling connection encryption by default on PyExasol

[exa-mohamedi]

From Exasol DB 8.0 and SaaS onwards, the DB will be configured to accept only encrypted connections by default which will cause the unencrypted connections to be denied.

By default, the pyexasol establish an unencrypted connection (PyExasol Doc) to DB which will cause the connection to fail on DB 8.0 onwards.

It would be better to update the PyExasol to establish an encrypted connection to DB as an default connection.

[littleK0i]

It's a very good question.

I suspect, at this moment we have far more users on older Exasol versions, and this change might break the existing scripts for them. Also, most users with "on-premise" Exasol installations do not really need this extra SSL security layer, since they already use VPN, encrypted tunnels, etc.

It will just waste CPU cycles with very little extra security. The last time we tested performance difference (a few years ago) it was about ~10-20%. I think it got cheaper since then, but it's not free, especially for large volumes of data.

---

On the other hand, if you know that most customers accepted this overhead, and if you agree that Exasol performance will look worse during POCs, I'll change this default.

Thank you.

[littleK0i]

(Waiting for Exasol R&D team to finish tests and come back with final conclusion on this issue)

[ThomasBestfleisch]

@littleK0i As discussed let's go ahead and set encrpytion as default.

[littleK0i]

@ThomasBestfleisch , @exa-mohamedi , please check latest version 0.24.0.

Encryption is now enabled by default both for WebSocket and HTTP transport.

If any customer reports a problems with parallel HTTP transport, make sure they have encryption being set to the same mode both in pyexasol.connect() and in pyexasol.http_transport() calls.

[exa-mohamedi]

@littleK0i, Thanks