Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.futurex.com/llms.txt

Use this file to discover all available pages before exploring further.

Complete the following steps to deploy the PostgreSQL service in CryptoHub:
1
Log in to the CryptoHub under dual control using your administrator identities.
2
Select the service you intend to deploy and select [ Deploy ].
3
Configure the following Service Setup settings:
  • Service Name: The name of the application. Leave as default.
  • Service Category: The category the service falls under. Leave as default.
  • Select [ Next ].
4
Configure the following Access Control settings:
  • Authorized Resources: The role you are logged in with has access to the service by default.
  • Add Additional Resources: Optional
  • Select [ Next ].
5
Configure the Authentication settings to determine how users will authenticate to access encrypted files. The two options are Kerberos or Local authentication.Local authentication uses local Windows accounts to manage access to encrypted files. Users will be authenticated using their local Windows credentials.Kerberos authentication uses Windows Active Directory to manage access to encrypted files. Users will be authenticated using their domain credentials.
Active Directory configuration is required for Kerberos authentication. Go to Identity & Access Management, then select the Active Directory tab to set this up.
  • Select Local or Kerberos authentication and select [ Next ].
6
Configure the Path Rules:
  • Select [ Add Path Rule ].
  • Enter role or group names from Active Directory for broad access.
  • Enter Active Directory or individual usernames to grant access.
  • Choose Basic setup to encrypt a specific directory and file type, or select Advanced Setup to use wildcards like ** for subdirectories and * for pattern matching.
  • Select**[ Add ]**.
For the PostgreSQL integration, you must specify a file-matching pattern the path to the data directory of your PostgreSQL installation. The example below will recursively encrypt all files in the C:\PostgreSQL\data\ directory.Example:C:\PostgreSQL\dataBased on the PostgreSQL directory structure, the following folders within the data directory relate to database instances:
  • base: This is the primary directory containing all database instances. Within base:
    • Each database has its own subdirectory named with its Object ID (OID)**
    • For example, if a database had OID 16387, its files would be in data\base\16387\
  • global: Contains cluster-wide tables like pgdatabase and authentication information
  • pgwal (or pgxlog in older versions): Contains Write-Ahead Log files essential for database recovery
  • pgtblspc: Contains symbolic links to any tablespaces defined outside the main data directory
The individual database data is primarily in the numbered subdirectories within base, such as C:\PostgreSQL\data\base\16387\.If you’re considering encryption strategies, understanding this structure helps you decide whether to encrypt the entire data directory or target specific database subdirectories within base.
7
Select [ Deploy ].