YugabyteDB supports Transport Layer Security (TLS) encryption using OpenSSL, which is natively available for Linux, BSD, and macOS operating systems. You can configure YugabyteDB to encrypt network communication, including:
- Server-server — between YB-Masters and YB-TServers
- Client-server — using CLIs and APIs for YCQL (YSQL support in progress)
NoteYEDIS does not include support for client-server TLS encryption.
In this section, we will look at how to set up a 3-node YugabyteDB cluster with TLS encryption enabled.