Is communication within the cluster also encrypted when enabling encrypted transmission between TiDB components?

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: 为 TiDB 组件间通信开启加密传输,集群内部也是传输加密的吗

| username: TiDBer_BBT3MU8D

Is the transmission within the cluster also encrypted when enabling encrypted transmission for communication between TiDB components?

| username: zhanggame1 | Original post link

Internal transmission is also encrypted.

Enable Encrypted Transmission for Communication Between TiDB Components | PingCAP Documentation Center

| username: TiDBer_BBT3MU8D | Original post link

Is it also SSL internally? For example, Cluster0-kv0, Cluster0-kv1, Cluster0-kv2, where kv0 is the primary and the others are replicas. Is the transmission encryption between them also using SSL?

| username: zhanggame1 | Original post link

It is encrypted.

| username: tidb菜鸟一只 | Original post link

Once enabled, everything is encrypted.

| username: Fly-bird | Original post link

Internal transmission is also encrypted with SSL, and you can enable data encryption at rest. This is something you can do to meet compliance requirements.

| username: oceanzhang | Original post link

Internally, it should be SSL encrypted, and external connections should be configurable.

| username: dba远航 | Original post link

Encryption should certainly be comprehensive.

| username: system | Original post link

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.