Hi Team,
Postgres 12 added "GSSAPI encryption support" as an additional feature to "GSSAPI Authentication" mechanism introduced in Postgres 11. I have few questions based on it.
1) The encryption support means that the encryption between the Client and the Server over the network, which was previously possible only through SSL or previously, not encrypted at all. Now, instead of SSL, we can change pg_hba.conf with the parameters "hostgssenc" and hostnogssenc" to support encryption over the network directly using gssapi.
2) We need to have a client server, a service server and a Key Distribution Center Server which should have Kerberose installed in it. Kerberose is available as opensource.
Please help me if my understanding is correct and let me know about the major improvement on this feature with PG12. I have referred Documentation and some blogs. But, couldn't get the right picture. Your reply is appreciable.
Thanks and Regards,
Raj Kumar.
