Connecting using encryption (SSL / GSSAPI)
Here, we will demonstrate how to enable PostgreSQL to use SSL for the protection of database connections, by encrypting all of the data passed over that connection. Using SSL makes it much harder to sniff database traffic, including usernames, passwords, and other sensitive data. Otherwise, everything that is passed unencrypted between a client and the database can be observed by someone listening to a network somewhere between them. An alternative to using SSL is running the connection over a VPN.
Using SSL makes the data transfer on the encrypted connection a little slower, so you may not want to use it if you are sure that your network is safe. The performance impact can be quite large if you are creating lots of short connections, as setting up an SSL connection is quite Central-Processing-Unit (CPU)-heavy. In this case, you may want to run a local connection-pooling solution, such as PgBouncer, to which the client connects without...