Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why does connection to my Postgres server in Azure fail if my app does not have SSL enabled?

I get a connection failure when I try to connect to my postgres server in Azure from my app/client, which does not have SSL enabled.

Unable to connect to server: FATAL: SSL connection is required. Please specify SSL options and retry.

Is this a strong requirement? Is there a way I can circumvent this requirement?

like image 784
Shantanu Avatar asked May 17 '17 17:05

Shantanu


People also ask

What is SSL mode in PostgreSQL?

In libpq, secure connections can be ensured by setting the sslmode parameter to verify-full or verify-ca , and providing the system with a root certificate to verify against. This is analogous to using an https URL for encrypted web browsing. Once the server has been authenticated, the client can pass sensitive data.

Which deployment option of PostgreSQL in Azure should you use?

For organizations that need to customize their PostgreSQL deployments, and need to overcome the limitations of the Azure Database for PostgreSQL managed service, the self-managed Azure VM option is the most appropriate option.

Which tool is used to connect to the PostgreSQL server in Azure cloud shell?

The psql client is a popular choice for connecting to PostgreSQL servers. You can connect to your server by using psql with Azure Cloud Shell. You can also use psql on your local environment if you have it available. An empty database, postgres, is automatically created with a new PostgreSQL server.


2 Answers

Rather than bypassing this error and simply disabling SSL, you might also want to try simply enabling SSL by pimping up your connection string:

"Server=SERVERNAME.postgres.database.azure.com;     Port=5432;Database=DBNAME;     User Id=DBUSER@SERVERNAME;     Password=PASSWORD;     SslMode=Require"; 

Notice the SslMode=Require suffix at the end? This works with Npgsql as well (assuming you use C#) for connecting to an Azure Database for Postgresql.

like image 81
Juliën Avatar answered Oct 10 '22 02:10

Juliën


By default, Azure Database for PostgreSQL enforces SSL connections between your server and your client applications to protect against MITM (man in the middle) attacks. This is done to make the connection to your server as secure as possible.

Although not recommended, you have the option to disable requiring SSL for connecting to your server if your client application does not support SSL connectivity. Please check How to Configure SSL Connectivity for your Postgres server in Azure for more details. You can disable requiring SSL connections from either the portal or using CLI. Note that Azure does not recommend disabling requiring SSL connections when connecting to your server.

like image 26
Shantanu Avatar answered Oct 10 '22 02:10

Shantanu