Azure / meta-azure-service-broker

A service broker to manage multiple Azure services in Cloud Foundry
Apache License 2.0

Postgres JDBC String generation does not allow the insertion of required custom parameters for a successful SSL connection #214

Open JaysonBH opened 4 years ago

JaysonBH commented 4 years ago

A Pivotal Customer has reported that they are encountering an issue.

Apparently starting with the Postgres JDBC Driver v. 42.2.5 the SSL behavior changed - see https://www.kobelnet.ch/2019/05/02/configure-java-jdbc-to-connect-to-postgresql-with-jre-certificate-validation

The problem is that currently, the Postgres JDBC String generated by the Azure Service Broker is not allowing the insertion of the required custom parameters in order for the connection to succeed. (rootsslcert - see https://jdbc.postgresql.org/documentation/head/connect.html#connection-parameters).

The workaround is to create a service key, then create a user-provided service based on the JSON payload of the service key, but in which the jdbcUrl is altered to add the rootsslcert path to /etc/ssl/certs/ca-certificates.crt (after adding the Microsoft certificate to the trusted certs in PAS).
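
Added example, not part of the original issue or of the broker's code: one way to script the jdbcUrl rewrite from the workaround above, so the same edit can be applied to several service keys. It assumes the parameter is spelled `sslrootcert`, as in the pgjdbc connection-parameter documentation; the function names and the sample payload (apart from the `jdbcUrl` field name) are constructed for illustration.

```python
import json
from urllib.parse import quote

# pgjdbc's documented parameter name for the root certificate file (assumption, see lead-in)
ROOT_CERT_PARAM = "sslrootcert"
# Trust bundle path named in the workaround
CA_BUNDLE = "/etc/ssl/certs/ca-certificates.crt"


def with_root_cert(jdbc_url, cert_path=CA_BUNDLE):
    """Return jdbc_url carrying exactly one sslrootcert parameter set to cert_path."""
    base, _, query = jdbc_url.partition("?")
    # Keep every other parameter byte-for-byte so percent-encoded credentials survive.
    params = [p for p in query.split("&") if p]
    # Drop any earlier sslrootcert so running the rewrite twice does not duplicate it.
    params = [p for p in params if p.split("=", 1)[0] != ROOT_CERT_PARAM]
    params.append(f"{ROOT_CERT_PARAM}={quote(cert_path, safe='/')}")
    return base + "?" + "&".join(params)


def patch_service_key(payload_json, cert_path=CA_BUNDLE):
    """Rewrite jdbcUrl in a service key payload; return JSON for a user-provided service."""
    creds = json.loads(payload_json)
    if "jdbcUrl" not in creds:
        raise KeyError("service key payload has no jdbcUrl field")
    creds["jdbcUrl"] = with_root_cert(creds["jdbcUrl"], cert_path)
    return json.dumps(creds, indent=2)


# Constructed sample payload: only the jdbcUrl field name comes from the issue text.
SAMPLE_KEY = json.dumps({
    "jdbcUrl": "jdbc:postgresql://example-server.postgres.database.azure.com:5432/"
               "exampledb?user=exampleuser%40example-server&password=p%26ss%3Dword&ssl=true",
    "exampleOtherField": "left untouched",
})

if __name__ == "__main__":
    print(patch_service_key(SAMPLE_KEY))
```

The printed JSON is what would be passed to `cf create-user-provided-service <name> -p '<json>'` in place of the hand-edited payload.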

ChrisLeeBare commented 4 years ago

Hi,

Is there any progress on this issue, because we are currently planning on migrating all data services from Pivotal to our Azure and we also ran into this issue? We'll try the workaround, but this is very inconvenient when having a couple of services using the Azure PostgreSQL.

Regards