SSL connections are optional. CA verification not enforced.
AllowUnencryptedAndEncrypted
SSL connections are optional. CA verification not enforced.
EncryptedOnly
SSL connections are required. CA verification not enforced.
Require
SSL connections are required. CA verification not enforced.
Clients may use locally self-signed certificates (default psql client
behavior).
Unspecified
SSL mode is not specified. Defaults to ENCRYPTED_ONLY.
VerifyCa
SSL connections are required. CA verification enforced.
Clients must have certificates signed by a Cluster CA, for example, using
GenerateClientCertificate.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-21 UTC."],[[["The `SslConfig.Types.SslMode` enum in the AlloyDB v1alpha API provides options for configuring SSL connections, including whether they are optional or required."],["The `Unspecified` mode defaults to `ENCRYPTED_ONLY`, where SSL connections are required but CA verification is not enforced."],["The `VerifyCa` mode mandates SSL connections and enforces CA verification, requiring clients to use certificates signed by a Cluster CA."],["The `Allow` and `AllowUnencryptedAndEncrypted` mode indicate that SSL connections are optional and CA verification is not enforced."],["The `Require` mode mandates SSL connections and does not enforce CA verification, meaning clients may use self-signed certificates."]]],[]]