Skip to content
Percona Software for PostgreSQL Documentation

For help, click the link below to get free database assistance or contact our experts for personalized support.

Get help from Percona

Keyring File Configuration

This setup is intended for development and stores the keys unencrypted in the specified data file. See how to use external reference to parameters to add an extra security layer to your setup.

Note

While keyfiles may be acceptable for local or testing environments, KMS integration is the recommended approach for production deployments.

    SELECT pg_tde_add_global_key_provider_file(
        'provider-name',
        '/path/to/the/keyring/data.file'
    );

The following example is used for testing purposes only:

    SELECT pg_tde_add_global_key_provider_file(
        'file-keyring',
        '/tmp/pg_tde_test_local_keyring.per'
    );

Next steps

Global Principal Key Configuration