glyph
commented
6 years ago I've filed a related issue against sqlalchemy: https://bitbucket.org/zzzeek/sqlalchemy/issues/4146/common-handling-of-sslmode-and-sslrootcert but it might be nice if pg8000 itself had a URL-based connection mechanism as well, that mirrored libpq's.
tlocke
RDS uses a custom trust root for SSL on RDS databases. Therefore, in order to securely use an RDS database with PG8000, it is necessary to set
ssl=Trueand to also pass a custom value tossl.wrap_socket'sca_certsparameter.pg8000does not currently allow this, or provide any public API hook to insert one's own transport mechanism.