Configuring SSL Verification

If you are connecting to a PostgreSQL server that has Secure Sockets Layer (SSL) enabled, then you can configure the connector to connect to an SSL-enabled socket. When connecting to a server over SSL, the connector supports identity verification between the client and the server.

To configure SSL verification:

1. To access the SSL options for a DSN, open the ODBC Data Source Administrator where you created the DSN, then select the DSN, then click Configure, and then click SSL Options.
2. In the Authentication Mode list, select the appropriate SSL mode.

   Note:

   For information about SSL support in PostgreSQL, see "SSL Support" in the PostgreSQL Documentation: http://www.postgresql.org/docs/9.4/static/libpq-ssl.html.

3. To specify the minimum version of SSL to use, from the Minimum TLS drop-down list, select the minimum version of SSL.
4. To use the System Trust Store for SSL certificates, select the Use System Trust Store check box.
5. If you selected Use System Trust Store, choose one of the following options:
   • To check the validity of the certificate's trust chain, select the Check Certificate Revocation check box.
   • Or, to accept self-signed certificates, select the Allow Self-signed Server Certificate check box.
6. To specify an SSL certificate, select the Enable Custom SSL CA Root Certificate check box, and then, in the Path field, specify the full path to the certificate file.
7. To specify the client SSL certificate, in the Client Cert field, type the full path of the file containing the client SSL certificate.
8. To specify the client SSL key path, in the Client Key field, type the full path of the file containing the secret key used for the client certificate.
9. To save your settings and close the dialog box, click OK.
10. To save your settings and close the Simba PostgreSQL ODBC Driver DSN Setup dialog box, click OK.