Recently, a number of questions reached the EDB team regarding encryption and TLS Support. Could someone possibly shed some light on answers for everyone?
1) Is TDE part of EDBPostgres? 2) Does EDB offer anything new or a different type of encryption which is not available in open source? 3) Is TDE part of open source Postgres v10? 4) Does EDB Postgres version 9.5 supports TLS1.2? 5) Please help with steps to enable the TLS1.2 with EDB version 9.5 (PPAS)? 6) Does open source v10 also supports TLS1.2?
Regarding questions 4-6, both PostgreSQL and EDB Postgres will automatically negotiate the highest TLS version that is supported both by the OpenSSL library against which the server is linked and the client. Therefore, TLS 1.2 should be used automatically. There is no configuration to explicitly choose the TLS version, although you can restrict particular ciphers by changing the ssl_ciphers setting in postgresql.conf.