SslConfig

SSL configuration.

JSON representation
{
  "sslMode": enum (SslMode),
  "caSource": enum (CaSource)
}
Fields
sslMode

enum (SslMode)

Optional. SSL mode. Specifies client-server SSL/TLS connection behavior.

caSource

enum (CaSource)

Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value.

SslMode

SSL mode options.

Enums
SSL_MODE_UNSPECIFIED SSL mode is not specified. Defaults to ENCRYPTED_ONLY.
SSL_MODE_ALLOW

SSL connections are optional. CA verification not enforced.

SSL_MODE_REQUIRE

SSL connections are required. CA verification not enforced. Clients may use locally self-signed certificates (default psql client behavior).

SSL_MODE_VERIFY_CA

SSL connections are required. CA verification enforced. Clients must have certificates signed by a Cluster CA, for example, using GenerateClientCertificate.

ALLOW_UNENCRYPTED_AND_ENCRYPTED SSL connections are optional. CA verification not enforced.
ENCRYPTED_ONLY SSL connections are required. CA verification not enforced.

CaSource

Certificate Authority (CA) source for SSL/TLS certificates.

Enums
CA_SOURCE_UNSPECIFIED Certificate Authority (CA) source not specified. Defaults to CA_SOURCE_MANAGED.
CA_SOURCE_MANAGED Certificate Authority (CA) managed by the AlloyDB Cluster.