Permalink
Browse files

elaborate on sslmode options (#1054)

  • Loading branch information...
davecramer committed Jan 11, 2018
1 parent a2ed9b5 commit aa7a4202e41bc58c4958e06161c5fd4daa36a7f9
Showing with 7 additions and 3 deletions.
  1. +5 −2 docs/documentation/head/connect.md
  2. +2 −1 pgjdbc/src/main/java/org/postgresql/PGProperty.java
@@ -95,8 +95,11 @@ Connection conn = DriverManager.getConnection(url);

* **sslmode** = String

possible values are "verify-ca" and "verify-full" setting these will
necessitate storing the server certificate on the client machine ["Configuring the client"](ssl-client.html).
possible values include "disable", "require", "verify-ca" and "verify-full", "allow" and "prefer"
will throw an exception. "require" will default to a non validating SSL factory and not check the
validity of the certificates. "verify-ca" and "verify-full" use a validating SSL factory and will
check that the ca is correct and the host is correct. Setting these will necessitate storing the
server certificate on the client machine ["Configuring the client"](ssl-client.html).

* **sslcert** = String

@@ -181,7 +181,8 @@
* {@code verify-full}, or {@code disable} ({@code allow} and {@code prefer} are not implemented)
* If not set, the {@code ssl} property may be checked to enable SSL mode.
*/
SSL_MODE("sslmode", null, "Parameter governing the use of SSL"),
SSL_MODE("sslmode", null, "Parameter governing the use of SSL",false,
"disable", "require", "verify-ca", "verify-full"),

/**
* Classname of the SSL Factory to use (instance of {@code javax.net.ssl.SSLSocketFactory}).

0 comments on commit aa7a420

Please sign in to comment.