YugaByte DB uses OpenSSL (native to Linux/BSD operating systems) in order to perform TLS encryption. You can configure YugaByte DB to encrypt all network communication. The following communication is encrypted:
- Server to server (for example, between YB-Masters and YB-TServers)
- Client to server (including connecting to the cluster using a command line shell)
Note that YEDIS does not currently support TLS encryption, however this is on the roadmap. Please open a GitHub issue if this is of interest.
In this section, we will look at how to setup a 3 node YugaByte DB cluster with TLS encryption enabled.