“HostName not verified error message” on SSL connection in postgresql

Question

I created server.crt, server.key and root.crt files on Centos 7 and put the same onto the C:\\Users\\xxxx\\AppData\\Roaming\\postgre

Answer 1

I am using JetBrains Data Grip to access Postgres dbs on Heroku, and got the same error in the latest JDBC driver version. That's how I solved it (using answers provided here).

Set the following in the Advanced tab:

ssl=true

sslmode=require

sslfactory=org.postgresql.ssl.NonValidatingFactory

(I updated sslmode value from verify-ca to required because it works with Heroku Postgres now)

Answer 2

If you don't care about hostname verification while still wanting to use a certificate, you can use the additional parameter sslmode=verify-ca as a connection parameter or as part of the URL to disable hostname verification while retaining certificate verification.

Answer 3

To use the PostgreSQL JDBC driver without server certificate validation, use

sslfactory=org.postgresql.ssl.NonValidatingFactory

as connection parameter or as part of the URL as described in the documentation.

With later versions of the JDBC driver, you have to specify

sslmode=require

because the default value verify-full means that the client wants to check the certificate and identity of the server.