enable SNI

[conradludgate]

Adding the ServerName config allows TLS to include the ServerNameIdentification (SNI) extension. We use this at Neon to determine which database endpoint to connect to: https://neon.tech/docs/connect/connection-errors#the-endpoint-id-is-not-specified

I have tested that this works for sslmode=require, but I need to still confirm that this doesn't break the insecure modes from being insecure

[eu-erwin]

Hi @conradludgate, I currently face the same problem on neon too. however it works with sslmode=verify-full. does this have some impact? I am not sure, what the different is. but, at lease it works for now.

[conradludgate]

sslmode=require does not verify that the certificate is valid, it only ensures that TLS is used. I would recommend verify-full of you can (neon supports this perfectly)