Tag - openssl

Track PostgreSQL Row Changes Using Public/Private Key Signing

PostgreSQL encryption and authorization

Authorisations and encryption/decryption within a database system establish the basic guidelines in protecting your database by guarding against malicious structural or data changes.
What are authorisations?
Authorisations are the access privileges that mainly control what a user can and cannot do on the database server for one or more databases. So consider this to be like […]

Read more

Percona XtraDB Cluster: “dh key too small” error during an SST using SSL

wsrep-stages

If you’ve tried to use SSL in Percona XtraDB Cluster and saw an error in the logs like SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small, we’ve implemented some changes in Percona XtraDB Cluster 5.6.34 and 5.7.16 that get rid of these errors.
Some background
dh key too small refers to the Diffie-Hellman parameters used by the SSL code that are shorter […]

Read more

OpenSSL heartbleed CVE-2014-0160 – Data leaks make my heart bleed

The heartbleed bug was introduced in OpenSSL 1.0.1 and is present in

1.0.1
1.0.1a
1.0.1b
1.0.1c
1.0.1d
1.0.1e
1.0.1f

The bug is not present in 1.0.1g, nor is it present in the 1.0.0 branch nor the 0.9.8 branch of OpenSSL some sources report 1.0.2-beta is also affected by this bug at the time of writing, however it is a beta product and […]

Read more