aws / amazon-redshift-jdbc-driver

Redshift JDBC Driver. It supports JDBC 4.2 specification.
Apache License 2.0

Unable to disable TLS for debugging purposes #76

Closed ebrandsberg closed 1 year ago

ebrandsberg commented 1 year ago

Driver version

2.1.0.10

Problem description

From the source, it appears that if TLS is explicitly disabled, it will simply generate an error, either:

Invalid connection property value sslmode: disable (setting sslmode=disable)

or

The value for property sslmode is invalid. Valid values are: verify-full, verify-ca.

or

Conflict in connection property setting sslmode and ssl (setting ssl to false and sslmode=disable)

The actual driver advertises that the sslmode value of "disable" is supported, and the code is there, inherited from the Postgres fork, but if selected, it will not work. The only values of sslmode that are allowed are verify-full and verify-ca.

bhvkshah commented 1 year ago

Hi @ebrandsberg, thank you for submitting this issue and contributing to make the Redshift JDBC Driver better! We will look into this and get back to you once we have an update!

bhvkshah commented 1 year ago

@ebrandsberg we have a fix for this which will be in driver version 2.1.0.11, where you can specify ssl=false and need not specify sslmode explicitly. The code path this would take would set sslmode to DISABLE. Please note that when connecting via IAM, sslmode cannot be set to DISABLE and therefore it will be set to PREFER if left unspecified and will indeed result in an error if explicitly set to DISABLE. Also, the require_ssl property needs to be set to false (it is false by default) on the Redshift cluster you are connecting to, for it to accept client connections where ssl is false.

Thank you for contributing to the Redshift JDBC 2.x Driver!
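
The property combination described in the last reply, as an added example that is not part of the thread or the driver's own code: a pre-flight check that builds the properties for a plaintext debugging session and refuses the combinations the thread says are rejected. It assumes an IAM connection is identified by the `jdbc:redshift:iam:` URL prefix; the class name, method names, host and credentials are hypothetical.

```java
import java.util.Properties;

/** Added example: properties for an unencrypted debugging session (driver 2.1.0.11 or later). */
public class PlaintextDebugProps {

    /** Assumption: IAM connections are recognised by their URL prefix. */
    static boolean isIamUrl(String url) {
        return url.toLowerCase().startsWith("jdbc:redshift:iam:");
    }

    /**
     * Returns a copy of base with ssl=false, or throws for a combination
     * that the thread reports as an error.
     */
    static Properties plaintextProps(String url, Properties base) {
        if (isIamUrl(url)) {
            // Per the maintainer's reply, IAM cannot run with sslmode DISABLE.
            throw new IllegalArgumentException("IAM connections cannot disable TLS");
        }
        if (base.getProperty("sslmode") != null) {
            // Conservative choice: the reply says to set ssl=false and leave
            // sslmode unspecified; setting both produced the conflict error
            // reported in 2.1.0.10.
            throw new IllegalArgumentException("remove sslmode and set only ssl=false");
        }
        Properties p = new Properties();
        p.putAll(base);
        p.setProperty("ssl", "false");
        return p;
    }

    public static void main(String[] args) {
        Properties base = new Properties();
        base.setProperty("user", "debug_user");      // constructed sample value
        base.setProperty("password", "placeholder"); // constructed sample value
        String[] urls = {                             // constructed sample URLs
            "jdbc:redshift://example-cluster.invalid:5439/dev",
            "jdbc:redshift:iam://example-cluster.invalid:5439/dev"
        };
        for (String url : urls) {
            try {
                Properties p = plaintextProps(url, base);
                // Pass url and p to java.sql.DriverManager.getConnection here.
                System.out.println(url + " -> ssl=" + p.getProperty("ssl"));
            } catch (IllegalArgumentException e) {
                System.out.println(url + " -> refused: " + e.getMessage());
            }
        }
    }
}
```

The connection still fails if `require_ssl` is set to true on the cluster, which this client-side check cannot see.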