Open tmm1 opened 1 week ago
Prisma uses TLS by default if it's enabled on the database side. Postgres driver (tokio-postgres
) is configured to use the native-tls
crate, which uses OpenSSL on Linux and most other systems except macOS and Windows where it uses the platform native Security.framework and SChannel respectively. It's possible to use https://crates.io/crates/tokio-postgres-rustls instead, so feel free to open a PR to add it and put it behind a cargo feature if it's important for you. I'd love if we used rustls by default, but that would certainly be a breaking change, and we'd need to understand how many of the users are relying on TLS versions or cipher suites not supported by rustls if we were to do that. Compatibility was a big problem when we briefly tried using rustls in the SQL Server connector.
thanks for the pointer to tokio-postgres-rustls. I'll give it a shot and open a PR if it works out for us
and is there a way to use an alternative like rust-tls?