Configuring SSL for JDBC connections is not as seamless as it is for the other client connection libraries that have been enhanced with support for Spring Boot SSL bundles. Most JDBC drivers require certificates to be provided as files, not as an SSLContext, SSLSocketFactory or other Java object that can be derived from certificates and private keys and passed to an API.
The table below shows the configuration options available for JDBC drivers.
javax.net.ssl.* system properties to provide JKS files
Given the current landscape, we do not think it is feasible at this time to provide properties under spring.datasource that would only map cleanly to PostgreSQL, as we don't want to add properties that would only be effective for one driver. We'll put this issue on hold for now.
Configuring SSL for JDBC connections is not as seamless as it is for the other client connection libraries that have been enhanced with support for Spring Boot SSL bundles. Most JDBC drivers require certificates to be provided as files, not as an
SSLContext
,SSLSocketFactory
or other Java object that can be derived from certificates and private keys and passed to an API.The table below shows the configuration options available for JDBC drivers.
sslfactory
to provide a customSSLSocketFactory
implementation class name, orsslcert
,sslkey
,sslrootcert
to provide filesjavax.net.ssl.*
system properties or Connector/J connection properties to provide DER-encoded filesserverSslCert
JDBC URL parameter to provide PEM file or DER-encoded string valuejavax.net.ssl.*
system properties to provide JKS filesjavax.net.ssl.*
system properties to provide JKS filesGiven the current landscape, we do not think it is feasible at this time to provide properties under
spring.datasource
that would only map cleanly to PostgreSQL, as we don't want to add properties that would only be effective for one driver. We'll put this issue on hold for now.