Encryption in transit
YugabyteDB supports encryption in transit using Transport Layer Security (TLS), which supercedes Secure Socket Layers (SSL). You can configure YugabyteDB to encrypt network communication, including:
- Server-server — between YB-TServer and YB-Master services
- Client-server — using CLIs and APIs for YSQL and YCQL
NoteYEDIS does not include support for client-server TLS encryption.
In this section, we will look at how to set up a 3-node YugabyteDB cluster with TLS encryption enabled.