检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Connecting to an RDS for PostgreSQL Instance Through JDBC Although the SSL certificate is optional if you choose to connect to a database through Java database connectivity (JDBC), download an SSL certificate to encrypt the connections for security.
You can create custom keys on KMS to encrypt your objects. If you do not specify a key, OBS creates a default key the first time you upload an object to the bucket. Custom keys or default keys are used to encrypt and decrypt data encryption keys (DEKs).
The value can contain up to 128 characters. type Yes String Configuration file format. yaml properties sensitive Yes Boolean Whether to encrypt the configuration file. true: Encrypt. false: Not encrypt.
Advantages Extensive Service Integration By integrating with OBS, EVS, and IMS, you can use KMS to manage the keys of the services or use KMS APIs to encrypt and decrypt local data.
Data Protection Encryption SFS Turbo supports server-side encryption, which allows you to encrypt the data stored in SFS Turbo file systems. When data is accessed, SFS Turbo automatically decrypts the data and returns it to you.
For symmetric keys, the same key is used to encrypt and decrypt data, which is fast and efficient, suitable for encrypting a large amount of data. For asymmetric keys, a key pair, that is, a public key and a private key, are used for encryption and decryption.
File System Encryption You can encrypt data on the newly created SFS Turbo file systems if needed. Keys used by encrypted file systems are provided by the Key Management Service (KMS), which is secure and convenient.
You need to call APIs to encrypt and decrypt a large amount of data.
HTTP does not encrypt data in transmit, so confidential information, such as passwords, accounts, and transaction records, transmitted over HTTP is plaintext and easy to be leaked, stolen, or tampered with anytime. HTTP is insecure for transmitting private information.
Connecting to a Database in SM-based TLS Mode When connecting to a GaussDB server through JDBC, you can enable SM-based TLS to encrypt communication between a client and a server. This mode provides a highly secure channel for sensitive data transmission on the Internet.
For details about how to encrypt or decrypt a large amount of data, see Encrypting or Decrypting a Large Amount of Data. Parent topic: KMS
Connecting to the Database (Using SSL) When you use psycopy2 to connect to the GaussDB server, you can enable SSL to encrypt the communication between the client and server. To enable SSL, you must have the server certificate, client certificate, and private key files.
Connecting the Database (Using SSL) When you use psycopy2 to connect to the GaussDB server, you can enable SSL to encrypt the communications between the client and server. To enable SSL, you must have the server certificate, client certificate, and private key files.
When connecting to an instance, clients can use the CA root certificates downloaded from the management console to authenticate the instance server and encrypt data during transmission. DCS Redis for 4.0/5.0 only support plaintext transmission.
Key Management Scenarios The Cloud O&M Center uses DEW to encrypt your host account password for secure protection. Before using Key Management Service (KMS), create a key on DEW. Configuring a Key Log in to COC.
The public key is used to encrypt sensitive information when calling a service API.
If you want to use the OBS encryption function, follow instructions in Using OBS to Encrypt Data for Running Jobs to configure related information and call an API to run a job.
Configuring One-Way or Two-Way Authentication Between the Dedicated Gateway and Client Scenario If the API frontend supports HTTPS, you need to add an SSL certificate for the independent domain name bound to the API group. An SSL certificate is used for data encryption and identity
GAUSS-02781 -- GAUSS-02790 GAUSS-02783: "encrypt the plain text failed!" SQLSTATE: 39000 Description: Internal system error. Solution:contact technical support GAUSS-02784: "encode the plain text failed!" SQLSTATE: 39000 Description: Internal system error.
To avoid such problems, you can encrypt the sensitive data in the database and protect the keys that are used to encrypt the data. This prevents anyone without the keys from using the data, but this kind of protection must be planned in advance.
