You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
When connecting to a remote database that is not exposed to the internet using SSH tunnels, the self-signed CA will not match the servers certificate name as for the connecting client the server name would be "localhost".
Describe the solution you'd like
Since the server is trusted and we just need a secure connection from the client, please support no-verify as a valid option for the sslmode option.
Currently if we try using no-verify option the following error is thrown
ConnectionParamsError: Supplied DSN has invalid sslmode 'no-verify'
Additional context
This is especially painful when the servers are hosted on AWS RDS (Postgres) and there is a requirement for connecting to them using the postgres client.
The servers certificate will have the certificate issued for the fully qualified name and when connecting over SSH tunnel and using localhost as the host name we receive error
TLS connection failed with message: invalid peer certificate: NotValidForName
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
When connecting to a remote database that is not exposed to the internet using SSH tunnels, the self-signed CA will not match the servers certificate name as for the connecting client the server name would be "localhost".
Describe the solution you'd like
Since the server is trusted and we just need a secure connection from the client, please support
no-verifyas a valid option for thesslmodeoption.Currently if we try using
no-verifyoption the following error is thrownConnectionParamsError: Supplied DSN has invalid sslmode 'no-verify'Additional context
This is especially painful when the servers are hosted on AWS RDS (Postgres) and there is a requirement for connecting to them using the postgres client.
The servers certificate will have the certificate issued for the fully qualified name and when connecting over SSH tunnel and using
localhostas the host name we receive errorThe text was updated successfully, but these errors were encountered: