0

We've outgrown our current server and decided to move to two servers, one to host our apps, and one to hold our database. We looked into clustering and we don't feel we need to scale horizontally just yet.

What's the best way to connect to and secure communication between the database and app server. Mongo suggests SSL in their docs but Digital Ocean now allows private networking between servers so I'm thinking maybe setup an SSH connection between the two servers? I'm not sure how reliable that would be. Also, I don't want to pay for the data transfer if I don't have to, so I'd like to keep it on private networking. What's the best way to get this done.

asked Jul 28, 2017 at 19:23

1 Answer 1

0

x.509 is, of course, best choice. You can get keys (for free) from let's encrypt organization if you "own" domain address.

Then there is keyfile what you can use.

Other choices are SSL tunnel or OpenVPN, latter preferred.

answered Jul 29, 2017 at 7:54
2
  • You mean SSH tunnel? How would an SSH tunnel not be the best choice here? I can use private networking and not expose my database to the internet, or pay for data transfer between my app and database. The latency should be much less too. Commented Jul 31, 2017 at 15:31
  • SSL.. stunnel.org/index.html and 'latter' points to OpenVPN Commented Jul 31, 2017 at 18:45

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.