MariaDB Enterprise Server and MariaDB Community Server support two forms of encryption:

Encryption Type


Data-in-Transit Encryption

Secures data transmitted over the network. The Server and the clients encrypt data using SSL/TLS, ensuring that it remains secure during transit.

Data-at-Rest Encryption

Secures data on the file system. The storage engine encrypts data before writes and decrypts during reads, ensuring that the data is only unencrypted when accessed directly through the Server.