Closed baijum closed 3 years ago
@kbsingh any thoughts on this? How are we secured/connected currently?
Yes, I agree with @baijum, our current configuration is discouraged. To me, the problem is how to manage these certificates without injecting them in the image.
In production, the DB connection to pg is in sslmode 'required', which means traffic will be encrypted. Our DB is only accessible from inside our network.
required vs verify-full leaves us open to man in the middle attacks (if they are inside our network, at which point we have a few other issues as well). I guess another opening would be DNS spoofing to get us to connect to another DB.
Yeah! They are inside of our network, but this one is shared with other apps which can get infected.
That said, we don't support https communication across all the chain (from lb to the target container). So if you find any other reason to avoid the encryption, I'm good with it.
PostgreSQL has TLS support. It should be possible to make PostgreSQL database connection secure through TLS. The default configuration can continue to be disabled.
BTW, TLS can be used with RDS also:
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.SSL
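
Added example, not part of the original thread or the project's code: a small audit of a PostgreSQL connection string that reports what each `sslmode` does and does not protect against, following the libpq documentation's definitions. The host names, CA path, the `audit`/`parse_dsn` helpers and the `prefer` default (libpq's; other drivers may differ) are assumptions for illustration.

```python
import shlex
from urllib.parse import urlsplit, parse_qs

# sslmode -> (encryption guaranteed, CA chain verified, hostname verified)
SSLMODES = {
    "disable":     (False, False, False),
    "allow":       (False, False, False),  # TLS only if the server insists
    "prefer":      (False, False, False),  # TLS if offered, silent fallback
    "require":     (True,  False, False),
    "verify-ca":   (True,  True,  False),
    "verify-full": (True,  True,  True),
}

def parse_dsn(dsn):
    """Return connection parameters from a URI or keyword/value DSN."""
    if dsn.startswith(("postgres://", "postgresql://")):
        url = urlsplit(dsn)
        params = {k: v[-1] for k, v in parse_qs(url.query).items()}
        if url.hostname:
            params.setdefault("host", url.hostname)
        return params
    # Keyword/value form; simplification: no spaces around '='.
    return dict(tok.split("=", 1) for tok in shlex.split(dsn))

def audit(dsn, default_mode="prefer"):
    """List findings; empty means verify-full with an explicit CA file."""
    params = parse_dsn(dsn)
    mode = params.get("sslmode", default_mode)
    if mode not in SSLMODES:
        return [f"unknown sslmode {mode!r}"]
    encrypted, ca_ok, host_ok = SSLMODES[mode]
    findings = []
    if not encrypted:
        findings.append(f"sslmode={mode}: encryption is not guaranteed")
    if not ca_ok:
        findings.append(f"sslmode={mode}: server certificate is not verified (MITM possible)")
    elif not host_ok:
        findings.append(f"sslmode={mode}: hostname is not checked against the certificate")
    if ca_ok and "sslrootcert" not in params:
        findings.append("no sslrootcert given: confirm which CA bundle the driver trusts")
    return findings

if __name__ == "__main__":
    # Constructed sample DSNs, not taken from the project.
    for dsn in ("host=db.internal.example dbname=app sslmode=require",
                "postgresql://app@db.internal.example/app?sslmode=verify-full"
                "&sslrootcert=/etc/ssl/rds-ca.pem"):
        print(dsn, "->", audit(dsn) or "ok")
```

Passing the CA file through `sslrootcert` from a mounted path rather than baking it into the image is one way to approach the certificate-management concern raised above.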