Why could I set up an SSL connection to RDS without a certificate file?


I have an Aurora Postgresql instance in AWS RDS with encryption enabled.

According to the document, in order to set up an SSL connection with the RDS instance, I downloaded rds-ca-2019.pem and used the psql command to set up the connection:

psql "host=xxx dbname=xxx port=5432 user=xxx sslrootcert=rds-ca-2019.pem sslmode=verify-full"

After providing the password, I could set up an SSL connection without an issue. But what I do not understand is that even if I do not provide the sslrootcert and use the following command, the connection is still SSL. Why is that?

psql "host=xxx dbname=xxx port=5432 user=xxx"

1 answer

Mark B

You only have to provide the certificate file if you want psql to verify the server's SSL certificate. In other words, you only need to provide the certificate file if you specify sslmode=verify-full.

Since you didn't specify that SSL mode in your second command, psql is happy to create an SSL connection to the server without verifying the server's certificate.
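The behaviour described in this answer can be checked against any connection string before it is deployed. The following is an added example, not part of the original question or answer: it maps a libpq conninfo string to what its sslmode guarantees, applying libpq's default of sslmode=prefer when none is given. The function names, host name and database name are hypothetical.

```python
import shlex

# libpq sslmode -> (encryption guaranteed, CA chain verified, host name verified),
# following the table in the PostgreSQL libpq SSL documentation.
SSLMODES = {
    "disable":     (False, False, False),
    "allow":       (False, False, False),
    "prefer":      (False, False, False),  # libpq default: TLS only if the server offers it
    "require":     (True,  False, False),
    "verify-ca":   (True,  True,  False),
    "verify-full": (True,  True,  True),
}

def parse_conninfo(conninfo):
    """Split a keyword=value conninfo string; simplified (no spaces around '=')."""
    params = {}
    for token in shlex.split(conninfo):
        key, sep, value = token.partition("=")
        if not sep or not key:
            raise ValueError(f"not a keyword=value pair: {token!r}")
        params[key] = value
    return params

def audit(conninfo, env=None):
    """Hypothetical helper: report what a conninfo string's TLS settings guarantee."""
    env = env or {}
    params = parse_conninfo(conninfo)
    mode = params.get("sslmode") or env.get("PGSSLMODE") or "prefer"
    if mode not in SSLMODES:
        raise ValueError(f"unknown sslmode: {mode!r}")
    rootcert = params.get("sslrootcert") or env.get("PGSSLROOTCERT")
    # Documented compatibility behaviour: require plus a root CA file acts as verify-ca.
    # (A root.crt in libpq's default location has the same effect; not checked here.)
    if mode == "require" and rootcert:
        mode = "verify-ca"
    encrypted, ca_ok, host_ok = SSLMODES[mode]
    return {"effective_sslmode": mode, "encryption_guaranteed": encrypted,
            "ca_verified": ca_ok, "hostname_verified": host_ok}

if __name__ == "__main__":
    # Constructed conninfo strings modelled on the two commands in the question.
    samples = [
        "host=db.example.internal dbname=app port=5432 user=app",
        "host=db.example.internal dbname=app port=5432 user=app "
        "sslrootcert=rds-ca-2019.pem sslmode=verify-full",
    ]
    for s in samples:
        print(audit(s))
```

The first sample resolves to prefer: the session is encrypted when the server offers TLS, as RDS does, but nothing about the server's certificate is checked and encryption itself is not enforced by the client.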