Limitations of pg_tde¶
- Keys in the local keyfile are stored unencrypted. For better security we recommend using the Key management storage.
-
System tables are currently not encrypted. This means that statistics data and database metadata are currently not encrypted.
-
pg_rewind
doesn’t work with encrypted WAL for now. We plan to fix it in future releases. pg_tde
Release candidate is incompatible withpg_tde
Beta2 due to significant changes in code. There is no direct upgrade flow from one version to another. You must uninstallpg_tde
Beta2 first and then install and configure the new Release Candidate version.
Important
This is the RC2 version of the extension and it is not meant for production use yet. We encourage you to use it in testing environments and provide your feedback.