Closed conradludgate closed 3 months ago
Hi @conradludgate, I currently face the same problem on neon too.
however it works with sslmode=verify-full
. does this have some impact? I am not sure, what the different is.
but, at lease it works for now.
sslmode=require does not verify that the certificate is valid, it only ensures that TLS is used. I would recommend verify-full of you can (neon supports this perfectly)
Adding the ServerName config allows TLS to include the ServerNameIdentification (SNI) extension. We use this at Neon to determine which database endpoint to connect to: https://neon.tech/docs/connect/connection-errors#the-endpoint-id-is-not-specified
I have tested that this works for
sslmode=require
, but I need to still confirm that this doesn't break the insecure modes from being insecure