Hi folks, I’m trying to connect from a Fly app to my Fly Postgres database using sslmode=require. I know traffic is by default encrypted and this isn’t required due to wireshark et al., but the tool I’m using requires sslmode=require.
I was able to connect without sslmode=require from an app on Fly, and I was able to connect using sslmode=require when the database was exposed, but I’m not able to connect from an app on Fly with sslmode=require.
How can I configure this? I don’t want to expose the database externally.
I switched on SSL in my Supabase Postgres database, and I found that psql in a Fly container made use of that automatically. I didn’t change the configuration.
Could you describe how you’re connecting both with, and without, SSL? If SSL does not work, then it may be helpful for readers to see a working approach too.
Fly Postgres doesn’t support SSL, as far as I know. When you were connecting over .fly.dev, it was the Fly Proxy that was handling that side of things.
I.e., there isn’t a simple configuration tweak that you can make.
One possible workaround is to see whether the third-party tool will connect to localhost without SSL. If so, then you can put a repeater there that sends things over to the real database Machine.
