Postgres: SSL/TLS is off

Postgres is a very popular and prominent data store. In terms of its privacy, authentication, and authorization models, it is more than qualified to store app data, medical data, and other sensitive data.

Running with the default "SSL off" configuration is bad practice: traffic between clients and the data store travels unencrypted, which invites unnecessary risk in the form of MitM, eavesdropping and data exfiltration.


Insecure, in postgresql.conf:

ssl = off


Secure, in postgresql.conf:

ssl = on
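
One way to check a postgresql.conf for this setting, as an added example that is not part of the original page: it applies PostgreSQL's own file rules (optional "=", quoted values, boolean spellings and prefixes, later duplicates win, default off). The names parse_bool, effective_ssl and SAMPLE are hypothetical, and the sample file content is constructed.

```python
import re

# name, then "=" or whitespace, then a bare or single-quoted value, optional comment
_LINE = re.compile(r"^\s*([A-Za-z_][\w.]*)(?:\s*=\s*|\s+)('(?:[^']|'')*'|[^\s#']+)\s*(?:#.*)?$")
_TRUE, _FALSE = ("on", "true", "yes", "1"), ("off", "false", "no", "0")

def parse_bool(raw):
    """PostgreSQL boolean: case-insensitive, any unambiguous prefix; None if invalid."""
    v = raw.strip().lower()
    if not v:
        return None
    t = any(w.startswith(v) for w in _TRUE)
    f = any(w.startswith(v) for w in _FALSE)
    return None if t == f else t  # "o" matches both on and off, so it is rejected

def effective_ssl(conf_text):
    """Return (enabled, line_no) for the ssl line that takes effect.

    Later duplicates override earlier ones; with no active ssl line the
    default (off) applies and line_no is None. An unparseable value is
    reported as not enabled. Limits of this sketch: include directives and
    postgresql.auto.conf (ALTER SYSTEM) are not followed.
    """
    enabled, line_no = False, None
    for n, line in enumerate(conf_text.splitlines(), start=1):
        m = _LINE.match(line)
        if not m or m.group(1).lower() != "ssl":  # parameter names are case-insensitive
            continue
        raw = m.group(2)
        if raw.startswith("'"):
            raw = raw[1:-1].replace("''", "'")  # unquote, undouble embedded quotes
        enabled, line_no = parse_bool(raw) is True, n
    return enabled, line_no

# Constructed sample, not taken from a real server.
SAMPLE = "\n".join([
    "# constructed sample",
    "#ssl = on",
    "listen_addresses = '*'",
    "ssl = on",
    "ssl_cert_file = 'server.crt'",
    "SSL = 'off'   # later duplicate wins",
])

if __name__ == "__main__":
    enabled, line_no = effective_ssl(SAMPLE)
    where = f"line {line_no}" if line_no else "default"
    print(f"ssl {'on' if enabled else 'OFF'} ({where})")
```

With ssl = on the server only offers TLS; whether a connection actually uses it is decided by hostssl entries in pg_hba.conf and the client's sslmode.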