- 最新
- 最多得票
- 最多評論
Hello there
According to the information given,I can fully understand that you want your password to be encrypted.RDS for PostgreSQL uses and expects all clients to connect using SSL/TLS, but you need to require it to use to request connection [1].This means your connection string would still have to specify an SSL certificate like :
$ psql -h db-name.555555555555.ap-southeast-1.rds.amazonaws.com-p 5432 dbname=testDB user=testusersslrootcert=rds-ca-2019-root.pem sslmode=verify-full
You can require that connections to your PostgreSQL DB instance use SSL by using the rds.force_ssl parameter.By default, the rds.force_ssl parameter is set to 0 (off). You can set the rds.force_ssl parameter to 1 (on) to require SSL for connections to your DB instance for more information using SSL with a PostgreSQL DB instance.Learn more about How can you stop Amazon RDS for PostgreSQL from logging my passwords in clear-text in the log files.
Resource: [1]https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Concepts.General.SSL.html [2]https://aws.amazon.com/premiumsupport/knowledge-center/rds-postgresql-cleartext-logging/
Hi
If requires ssl connection then need to specify in the
- PG parameter group rds.force_ssl [1] https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Concepts.General.SSL.html#PostgreSQL.Concepts.General.SSL.Requiring
- JDBC connection string to specify ssl mode and other parameters https://jdbc.postgresql.org/documentation/head/connect.html
The default mode I think is prefer for PostgreSQL, which mentioned in the PG doc [2] https://www.postgresql.org/docs/current/libpq-ssl.html: "I don't care about encryption, but I wish to pay the overhead of encryption if the server supports it." It is when certificate exist otherwise will not use.
相關內容
- 已提問 7 個月前
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前