MongoDB – Stand Alone Server Security SSL or SSH

mongodb-3.4, security

We've outgrown our current server and decided to move to two servers, one to host our apps, and one to hold our database. We looked into clustering and we don't feel we need to scale horizontally just yet.

What's the best way to connect to and secure communication between the database and app server? Mongo suggests SSL in their docs, but Digital Ocean now allows private networking between servers, so I'm thinking maybe set up an SSH connection between the two servers? I'm not sure how reliable that would be. Also, I don't want to pay for the data transfer if I don't have to, so I'd like to keep it on private networking. What's the best way to get this done?

Best Answer

x.509 is, of course, the best choice. You can get keys (for free) from the Let's Encrypt organization if you "own" a domain address.

Then there is a keyfile that you can use.

Other choices are an SSL tunnel or OpenVPN, the latter preferred.
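A `mongod.conf` sketch for the standalone database server that combines the private-network binding from the question with the TLS/x.509 option from the answer. This is an added example, not part of the original question or answer. It uses MongoDB 3.4 option names; the private IP `10.0.0.5`, the hostname `db.example.internal` and all file paths are constructed placeholders.

```yaml
# /etc/mongod.conf on the database server (MongoDB 3.4 option names).
# Constructed placeholders: 10.0.0.5, db.example.internal, all file paths.

# Weak baseline, shown for contrast only (listens on every interface, no TLS):
# net:
#   port: 27017
#   bindIp: 0.0.0.0

net:
  port: 27017
  # Listen on loopback and the private-network interface only,
  # so the database is never reachable on the public address.
  bindIp: 127.0.0.1,10.0.0.5
  ssl:
    # Refuse any connection that is not TLS.
    mode: requireSSL
    # Server certificate and private key concatenated into one PEM file.
    PEMKeyFile: /etc/ssl/mongodb/server.pem
    # CA bundle used to validate certificates presented by clients.
    # With CAFile set and allowConnectionsWithoutCertificates left unset,
    # clients must present a certificate signed by this CA.
    CAFile: /etc/ssl/mongodb/ca.pem

security:
  # TLS protects the transport; users still need to authenticate.
  authorization: enabled

# Check from the app server with the 3.4 shell (client.pem is the app
# server's own certificate + key, also a placeholder path):
#   mongo --ssl --host db.example.internal \
#         --sslCAFile /etc/ssl/mongodb/ca.pem \
#         --sslPEMKeyFile /etc/ssl/mongodb/client.pem
# The name passed to --host must match the server certificate, so it has to
# resolve to the private IP on the app server (for example via /etc/hosts).
```

A firewall rule on the database server that only admits the app server's private address on port 27017 complements this configuration.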