Testing the SSL JDBC connection v42.5.1.2
If you're using Java's default mechanism (not LibPQFactory
) to create the SSL connection, you need to make the server certificate available to Java.
Set the following property in the Java program.
Convert the server certificate to Java format:
Import this certificate into Java's system truststore.
If you don't have access to the system cacerts truststore, create your own truststore.
Start your Java application and test the program.
For example:
Note
To troubleshoot connection issues, add -Djavax.net.debug=ssl
to the Java command.
Using SSL without certificate validation
By default, the combination of SSL=true
and setting the connection URL parameter sslfactory=com.edb.ssl.NonValidatingFactory
encrypts the connection but doesn't validate the SSL certificate. To enforce certificate validation, you must use a Custom SSLSocketFactory
.
For more details about writing a Custom SSLSocketFactory
, see the PostgreSQL documentation.
- On this page
- Using SSL without certificate validation