Configuring and using an encrypted database instance
Overview
Out-of-the-box, both CAST Storage Service and PostgreSQL are not configured to function with encrypted TCP/IP connections, i.e. to accept incoming encrypted database connections for enhanced security. However, “encrypted mode” can be configured if required so that connections from CAST Imaging to your database instances are secured. The configuration process includes:
- Generate server and client keys and certificates
- Configure CAST Storage Service/PostgreSQL to accept incoming encrypted connections
- Configure CAST components to function in encrypted mode
- Declare the CAST Storage Service/PostgreSQL instance(s) in the CAST Imaging UI
Requirements
Connecting to a CAST Storage Service or PostgreSQL instance configured to accept incoming encrypted connections is supported in CAST Imaging 3.4.1-funcrel and later.
Technical notes
When installing CAST Imaging on Linux via Docker, CAST provides a database instance as a Docker image - see What are the database requirements?. By default, this instance will be used by CAST Imaging for both analysis data and persistence data storage needs. This instance cannot be configured to function in encrypted mode.
/ 
