Configuring SSL Verification

If you are connecting to a PostgreSQL server that has Secure Sockets Layer (SSL) enabled, then you can configure the connector to connect to an SSL-enabled socket. When connecting to a server over SSL, the connector supports identity verification between the client and the server.

You can set the connection properties described below in a connection string or in a DSN (in the odbc.ini file). Settings in the connection string take precedence over settings in the DSN.

To configure SSL verification:

1. Set the SSLMode property to the appropriate SSL mode.
Note:

For information about SSL support in PostgreSQL, see "SSL Support" in the PostgreSQL Documentation: http://www.postgresql.org/docs/9.4/static/libpq-ssl.html.

2. To specify an SSL certificate, set the SSLCertPath property to the full path and file name of the certificate file.
3. To specify the client SSL certificate, set the SSLClientCertPath property to the full path of the file containing the client SSL certificate.
4. To specify the client SSL key path, set the SSLClientKeyPath property to the full path of the file containing the secret key used for the client certificate.
5. To specify the minimum version of SSL to use, set the Min_TLS property to the minimum version of SSL. Supported options include 1.0 for TLS 1.0, 1.1 for TLS 1.1, and 1.2 for TLS 1.2.

Related topics

• Security and Authentication
• SSL Driver Configuration Options on page 1
• Configuring the Driver on page 1