On Wed, Sep 1, 2021 at 5:17 AM Paula Carboné <[email protected]> wrote:
> Hi again! I understand, for what I have read in > https://issues.apache.org/jira/browse/GUACAMOLE-1162 that data encryption > using a PostgreSQL database is not currently possible. > We have determined that encrypting values stored in the database is of little value unless the key to decrypting them can be stored elsewhere - otherwise you're just obscuring the credentials, and as long as the database is properly secured, you add very little value and more overhead in processing and configuration. > However, this issue talks about using vaults to store credentials > https://issues.apache.org/jira/browse/GUACAMOLE-641 > Is it working already or you are just developing it? Can this be used with > PostgreSQL? > It is in development, now - Mike has been working on this. I don't believe it is fully functional, yet, but is still going through development and review. Once it is completed I would imagine you can use it with any of the extensions that store connections. That said, the work that has been done so far on this is specific to storing credentials in Azure's credential vault, so if you're asking if you'll be able to use it with only PostgreSQL and no Azure, the answer is no - it will require some form of external credential vault. -Nick
