Concepts of Keys, Certificates and Keystores for TLS
This section explains keystores for TLS/SSL (Transport Layer Security / Secure Socket Layer) connections between database clients and servers.
With the client-server architecture being the norm for database systems, the communication between the database client and the database server generally occurs over a network connection. While such a network connection may be completely inside a private network, like an intranet of a company, it can just as well include public sections using the internet. Especially connecting to the ever more popular servers and services in the cloud almost always involves sections of the public internet. In addition, new legislation, like the GDPR (General Data Protection Regulation) in the European Union, require a stronger protection for the privacy of data. Securing the communication between database client and server is an important aspect and a requirement to be taken seriously.