Closed reeshabhranjan closed 1 year ago
I think you need to set the url to the following format:
"postgresql://password:user@hostname.amazonaws.com:5432/dbname?connect_timeout=30&sslmode=verify-full&sslrootcert=%2Frds.crt"
Which will result in the following database entry:
{
"NAME": "dbname",
"USER": "password",
"PASSWORD": "user",
"HOST": "hostname.amazonaws.com",
"PORT": 5432,
"OPTIONS": {
"connect_timeout": "30",
"sslmode": "verify-full",
"sslrootcert": "/rds.crt",
},
"ENGINE": "django.db.backends.postgresql_psycopg2",
}
Yes, that works apparently. I checked the connection using tcpdump
and seems that the connection is encrypted.
I am using AWS RDS PostgreSQL DB for my usecase. It requires a string like this:
"host=<hostname>.amazonaws.com port=5432 dbname=<dbname> user=<user> password=<password> connect_timeout=30 sslmode=verify-full sslrootcert=/rds.crt"
The rds.crt is downloaded from here: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
I don't see any documented way of including the
sslmode
andsslrootcert
parameters in the URL string.