虚拟机已装有postgresql 9.6.9.
设置环境变量
为了方便安装,设置一下环境变量
export PGSRC="/home/xdb/source/postgresql-9.6.9" //pg 源码
export PGHOME="/appdb/xdb" //pg path
export TDEHOME="/home/xdb/source/tdeforpg-1.2.1.0" // tde 源码
export PGPORT="5432"
export PGDATA="/data/utf8db" // pg data目录
export PGDATABASE="testdb"
export PGUSER="xdb"
export PGPASSWORD="123456"
安装pgcrypto
cd ${PGSRC}/contrib/pgcrypto
gmake
gmake install
pg_ctl start
psql -c "CREATE EXTENSION pgcrypto;"
编译TDE(Transparent Data Encryption)
sudo ln -s ${PGHOME}/lib/pgcrypto.so /usr/lib64/libpgcrypto.so
cd ${PGSRC}
./configure --with-openssl
cd ${TDEHOME}/SOURCES/data_encryption
sh makedencryption.sh 96 ${PGSRC}
安装TDE
ln -s ${TDEHOME}/SOURCES/data_encryption/96/data_encryption96.so.1.2.1.0 /usr/lib64/data_encryption.so
修改postgresql.conf
shared_preload_libraries='/usr/lib64/data_encryption.so'
启动postgresql,并加载externtion
pg_ctl restart -D $PGDATA
testdb=# create extension pgcrypto ; //一定要先加载externsion,否则后面TDE无法连接安装
CREATE EXTENSION
testdb=#
安装TDE function
[root@localhost SOURCES]# sh bin/cipher_setup.sh ${PGHOME}
Transparent data encryption feature setup script
Please select from the setup menu below
Transparent data encryption feature setup menu
1: activate the transparent data encryption feature
2: inactivate the transparent data encryption feature
select menu [1 - 2] > 1
Please enter database server port to connect : 5432
Please enter database user name to connect : xdb
Please enter password for authentication :
Please enter database name to connect : testdb
CREATE LANGUAGE
INFO: Transparent data encryption feature has been activated