To get an encrypted cluster you need to specify that when you initialize the cluster with initdb. One additional requirement is, that PostgreSQL was compiled with “–with-openssl”:<\/p>\n
\npostgres@debian10pg:\/home\/postgres\/ [pgdev] pg_config | grep openssl\nCONFIGURE = '--prefix=\/u01\/app\/postgres\/product\/DEV\/db_1\/' '--exec-prefix=\/u01\/app\/postgres\/product\/DEV\/db_1\/' '--bindir=\/u01\/app\/postgres\/product\/DEV\/db_1\/\/bin' '--libdir=\/u01\/app\/postgres\/product\/DEV\/db_1\/\/lib' '--sysconfdir=\/u01\/app\/postgres\/product\/DEV\/db_1\/\/etc' '--includedir=\/u01\/app\/postgres\/product\/DEV\/db_1\/\/include' '--datarootdir=\/u01\/app\/postgres\/product\/DEV\/db_1\/\/share' '--datadir=\/u01\/app\/postgres\/product\/DEV\/db_1\/\/share' '--with-pgport=5432' '--with-perl' '--with-python' '--with-openssl' '--with-pam' '--with-ldap' '--with-libxml' '--with-libxslt' '--with-segsize=2' '--with-blocksize=8' '--with-llvm' 'LLVM_CONFIG=\/usr\/bin\/llvm-config-7' '--with-systemd'\n<\/pre>\nIf that is given you can initialize a new cluster and tell initdb how to get the encryption key:<\/p>\n
\npostgres@debian10pg:\/home\/postgres\/ [pgdev] initdb --help | grep cluster-key-command\n -c --cluster-key-command=COMMAND\n<\/pre>\nIf this key is provided, two internal keys are generated, one for the table and index files (and any temporary objects) and one for the WAL files:<\/p>\n
\npostgres@debian10pg:\/home\/postgres\/ [pgdev] initdb --pgdata=\/var\/tmp\/pgenc --cluster-key-command=\/home\/postgres\/get_key.sh\nThe files belonging to this database system will be owned by user \"postgres\".\nThis user must also own the server process.\n\nThe database cluster will be initialized with locale \"en_US.UTF-8\".\nThe default database encoding has accordingly been set to \"UTF8\".\nThe default text search configuration will be set to \"english\".\n\nData page checksums are disabled.\nCluster file encryption is enabled.\n\ncreating directory \/var\/tmp\/pgenc ... ok\ncreating subdirectories ... ok\nselecting dynamic shared memory implementation ... posix\nselecting default max_connections ... 100\nselecting default shared_buffers ... 128MB\nselecting default time zone ... Europe\/Zurich\ncreating configuration files ... ok\nrunning bootstrap script ... ok\nperforming post-bootstrap initialization ... ok\nsyncing data to disk ... ok\n\ninitdb: warning: enabling \"trust\" authentication for local connections\nYou can change this by editing pg_hba.conf or using the option -A, or\n--auth-local and --auth-host, the next time you run initdb.\n\nSuccess. You can now start the database server using:\n\n pg_ctl -D \/var\/tmp\/pgenc -l logfile start\n<\/pre>\nThe command to get the key in this example is quite trivial:<\/p>\n
\npostgres@debian10pg:\/home\/postgres\/ [pgdev] cat \/home\/postgres\/get_key.sh\necho \"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"\n<\/pre>\nIn a real setup the key should of course come from an external key store. Lets try to start the cluster:<\/p>\n
\npostgres@debian10pg:\/home\/postgres\/ [pgdev] export PGPORT=8888\npostgres@debian10pg:\/home\/postgres\/ [pgdev] pg_ctl -D \/var\/tmp\/pgenc\/ start\nwaiting for server to start....2020-12-26 16:11:12.220 CET [7106] LOG: starting PostgreSQL 14devel on x86_64-pc-linux-gnu, compiled by gcc (Debian 8.3.0-6) 8.3.0, 64-bit\n2020-12-26 16:11:12.221 CET [7106] LOG: listening on IPv6 address \"::1\", port 8888\n2020-12-26 16:11:12.221 CET [7106] LOG: listening on IPv4 address \"127.0.0.1\", port 8888\n2020-12-26 16:11:12.234 CET [7106] LOG: listening on Unix socket \"\/tmp\/.s.PGSQL.8888\"\n2020-12-26 16:11:12.250 CET [7109] LOG: database system was shut down at 2020-12-26 16:08:34 CET\n2020-12-26 16:11:12.274 CET [7106] LOG: database system is ready to accept connections\n done\nserver started\n<\/pre>\nWhy does that work? We did not provide the key at startup time so PostgreSQL somehow must know how to get the key. Actually there is a new parameter that automatically gets the command we specified when we initialized the cluster:<\/p>\n
\npostgres@debian10pg:\/home\/postgres\/ [pgdev] grep cluster_key \/var\/tmp\/pgenc\/postgresql.conf \ncluster_key_command = '\/home\/postgres\/get_key.sh'\n<\/pre>\nIf we remove that and start again it will not work:<\/p>\n
\npostgres@debian10pg:\/home\/postgres\/ [pgdev] psql -c \"alter system set cluster_key_command=''\" postgres\nALTER SYSTEM\npostgres@debian10pg:\/home\/postgres\/ [pgdev] grep cluster_key \/var\/tmp\/pgenc\/postgresql.auto.conf \ncluster_key_command = ''\npostgres@debian10pg:\/home\/postgres\/ [pgdev] pg_ctl -D \/var\/tmp\/pgenc\/ stop\n2020-12-26 16:15:29.457 CET [7106] LOG: received fast shutdown request\nwaiting for server to shut down....2020-12-26 16:15:29.467 CET [7106] LOG: aborting any active transactions\n2020-12-26 16:15:29.469 CET [7106] LOG: background worker \"logical replication launcher\" (PID 7115) exited with exit code 1\n2020-12-26 16:15:29.473 CET [7110] LOG: shutting down\n2020-12-26 16:15:29.534 CET [7106] LOG: database system is shut down\n done\nserver stopped\n16:15:29 postgres@debian10pg:\/home\/postgres\/ [pgdev] pg_ctl -D \/var\/tmp\/pgenc\/ start\nwaiting for server to start....2020-12-26 16:15:31.762 CET [7197] LOG: starting PostgreSQL 14devel on x86_64-pc-linux-gnu, compiled by gcc (Debian 8.3.0-6) 8.3.0, 64-bit\n2020-12-26 16:15:31.763 CET [7197] LOG: listening on IPv6 address \"::1\", port 8888\n2020-12-26 16:15:31.763 CET [7197] LOG: listening on IPv4 address \"127.0.0.1\", port 8888\n2020-12-26 16:15:31.778 CET [7197] LOG: listening on Unix socket \"\/tmp\/.s.PGSQL.8888\"\n2020-12-26 16:15:31.786 CET [7197] FATAL: cluster key must be 64 hexadecimal characters\n2020-12-26 16:15:31.787 CET [7197] LOG: database system is shut down\n stopped waiting\npg_ctl: could not start server\nExamine the log output.\n<\/pre>\nThe two keys that have been generated when the cluster was initialized can be found in $PGDATA:<\/p>\n
\npostgres@debian10pg:\/var\/tmp\/pgenc\/ [pgdev] ls -la pg_cryptokeys\/live\/\ntotal 16\ndrwx------ 2 postgres postgres 4096 Dec 26 16:08 .\ndrwx------ 3 postgres postgres 4096 Dec 26 16:08 ..\n-rw------- 1 postgres postgres 72 Dec 26 16:08 0\n-rw------- 1 postgres postgres 72 Dec 26 16:08 1\n<\/pre>\nThe reason for two separate keys is, that a primary and a replica cluster can have a different key for the table, index and all other files generated during database operations but still can have the same key for the WAL files. Btw: pg_controldata will also tell you if a cluster is encrypted:<\/p>\n
\npostgres@debian10pg:\/var\/tmp\/pgenc\/base\/12833\/ [pgdev] pg_controldata -D \/var\/tmp\/pgenc\/ | grep encr\nFile encryption key length: 128\n<\/pre>\nThat really is a nice and much appreciated feature. Currently only the whole cluster can be encrypted, but I am sure that is sufficient for most of the use cases. Lets hope that it will not get reverted for any reason.<\/p>\n","protected":false},"excerpt":{"rendered":"
The discussions how and why TDE (Transparent data encryption) should be implemented in PostgreSQL goes back several years. You can have a look at these two more recent threads to get an idea on how much discussion happened around that feature: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) Re: Internal key […]<\/p>\n","protected":false},"author":29,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[229],"tags":[77],"type_dbi":[],"class_list":["post-15425","post","type-post","status-publish","format-standard","hentry","category-database-administration-monitoring","tag-postgresql"],"acf":[],"yoast_head":"\n
Cluster level encryption for PostgreSQL 14 - dbi Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cluster level encryption for PostgreSQL 14\" \/>\n<meta property=\"og:description\" content=\"The discussions how and why TDE (Transparent data encryption) should be implemented in PostgreSQL goes back several years. You can have a look at these two more recent threads to get an idea on how much discussion happened around that feature: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) Re: Internal key […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/\" \/>\n<meta property=\"og:site_name\" content=\"dbi Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-12-26T14:33:44+00:00\" \/>\n<meta name=\"author\" content=\"Daniel Westermann\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@westermanndanie\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Daniel Westermann\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/\"},\"author\":{\"name\":\"Daniel Westermann\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8d08e9bd996a89bd75c0286cbabf3c66\"},\"headline\":\"Cluster level encryption for PostgreSQL 14\",\"datePublished\":\"2020-12-26T14:33:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/\"},\"wordCount\":372,\"commentCount\":1,\"keywords\":[\"PostgreSQL\"],\"articleSection\":[\"Database Administration & Monitoring\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/\",\"name\":\"Cluster level encryption for PostgreSQL 14 - dbi Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\"},\"datePublished\":\"2020-12-26T14:33:44+00:00\",\"author\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8d08e9bd996a89bd75c0286cbabf3c66\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.dbi-services.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cluster level encryption for PostgreSQL 14\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/\",\"name\":\"dbi Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8d08e9bd996a89bd75c0286cbabf3c66\",\"name\":\"Daniel Westermann\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g\",\"caption\":\"Daniel Westermann\"},\"description\":\"Daniel Westermann is Principal Consultant and Technology Leader Open Infrastructure at dbi services. He has more than 15 years of experience in management, engineering and optimization of databases and infrastructures, especially on Oracle and PostgreSQL. Since the beginning of his career, he has specialized in Oracle Technologies and is Oracle Certified Professional 12c and Oracle Certified Expert RAC\/GridInfra. Over time, Daniel has become increasingly interested in open source technologies, becoming \u201cTechnology Leader Open Infrastructure\u201d and PostgreSQL expert. \u00a0Based on community or EnterpriseDB tools, he develops and installs complex high available solutions with PostgreSQL. He is also a certified PostgreSQL Plus 9.0 Professional and a Postgres Advanced Server 9.4 Professional. He is a regular speaker at PostgreSQL conferences in Switzerland and Europe. Today Daniel is also supporting our customers on AWS services such as AWS RDS, database migrations into the cloud, EC2 and automated infrastructure management with AWS SSM (System Manager). He is a certified AWS Solutions Architect Professional. Prior to dbi services, Daniel was Management System Engineer at LC SYSTEMS-Engineering AG in Basel. Before that, he worked as Oracle Developper &\u00a0Project Manager at Delta Energy Solutions AG in Basel (today Powel AG). Daniel holds a diploma in Business Informatics (DHBW, Germany). His branch-related experience mainly covers the pharma industry, the financial sector, energy, lottery and telecommunications.\",\"sameAs\":[\"https:\/\/x.com\/westermanndanie\"],\"url\":\"https:\/\/www.dbi-services.com\/blog\/author\/daniel-westermann\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Cluster level encryption for PostgreSQL 14 - dbi Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/","og_locale":"en_US","og_type":"article","og_title":"Cluster level encryption for PostgreSQL 14","og_description":"The discussions how and why TDE (Transparent data encryption) should be implemented in PostgreSQL goes back several years. You can have a look at these two more recent threads to get an idea on how much discussion happened around that feature: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) Re: Internal key […]","og_url":"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/","og_site_name":"dbi Blog","article_published_time":"2020-12-26T14:33:44+00:00","author":"Daniel Westermann","twitter_card":"summary_large_image","twitter_creator":"@westermanndanie","twitter_misc":{"Written by":"Daniel Westermann","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/#article","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/"},"author":{"name":"Daniel Westermann","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8d08e9bd996a89bd75c0286cbabf3c66"},"headline":"Cluster level encryption for PostgreSQL 14","datePublished":"2020-12-26T14:33:44+00:00","mainEntityOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/"},"wordCount":372,"commentCount":1,"keywords":["PostgreSQL"],"articleSection":["Database Administration & Monitoring"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/","url":"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/","name":"Cluster level encryption for PostgreSQL 14 - dbi Blog","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/#website"},"datePublished":"2020-12-26T14:33:44+00:00","author":{"@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8d08e9bd996a89bd75c0286cbabf3c66"},"breadcrumb":{"@id":"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.dbi-services.com\/blog\/cluster-level-encryption-for-postgresql-14\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.dbi-services.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Cluster level encryption for PostgreSQL 14"}]},{"@type":"WebSite","@id":"https:\/\/www.dbi-services.com\/blog\/#website","url":"https:\/\/www.dbi-services.com\/blog\/","name":"dbi Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8d08e9bd996a89bd75c0286cbabf3c66","name":"Daniel Westermann","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g","caption":"Daniel Westermann"},"description":"Daniel Westermann is Principal Consultant and Technology Leader Open Infrastructure at dbi services. He has more than 15 years of experience in management, engineering and optimization of databases and infrastructures, especially on Oracle and PostgreSQL. Since the beginning of his career, he has specialized in Oracle Technologies and is Oracle Certified Professional 12c and Oracle Certified Expert RAC\/GridInfra. Over time, Daniel has become increasingly interested in open source technologies, becoming \u201cTechnology Leader Open Infrastructure\u201d and PostgreSQL expert. \u00a0Based on community or EnterpriseDB tools, he develops and installs complex high available solutions with PostgreSQL. He is also a certified PostgreSQL Plus 9.0 Professional and a Postgres Advanced Server 9.4 Professional. He is a regular speaker at PostgreSQL conferences in Switzerland and Europe. Today Daniel is also supporting our customers on AWS services such as AWS RDS, database migrations into the cloud, EC2 and automated infrastructure management with AWS SSM (System Manager). He is a certified AWS Solutions Architect Professional. Prior to dbi services, Daniel was Management System Engineer at LC SYSTEMS-Engineering AG in Basel. Before that, he worked as Oracle Developper &\u00a0Project Manager at Delta Energy Solutions AG in Basel (today Powel AG). Daniel holds a diploma in Business Informatics (DHBW, Germany). His branch-related experience mainly covers the pharma industry, the financial sector, energy, lottery and telecommunications.","sameAs":["https:\/\/x.com\/westermanndanie"],"url":"https:\/\/www.dbi-services.com\/blog\/author\/daniel-westermann\/"}]}},"_links":{"self":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/15425","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/users\/29"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/comments?post=15425"}],"version-history":[{"count":0,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/15425\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media?parent=15425"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/categories?post=15425"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/tags?post=15425"},{"taxonomy":"type","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/type_dbi?post=15425"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}