SSL configuration.
JSON representation |
---|
{ "sslMode": enum ( |
Fields | |
---|---|
ssl |
Optional. SSL mode. Specifies client-server SSL/TLS connection behavior. |
ca |
Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value. |
SslMode
SSL mode options.
Enums | |
---|---|
SSL_MODE_UNSPECIFIED |
SSL mode is not specified. Defaults to ENCRYPTED_ONLY. |
SSL_MODE_ALLOW |
SSL connections are optional. CA verification not enforced. |
SSL_MODE_REQUIRE |
SSL connections are required. CA verification not enforced. Clients may use locally self-signed certificates (default psql client behavior). |
SSL_MODE_VERIFY_CA |
SSL connections are required. CA verification enforced. Clients must have certificates signed by a Cluster CA, for example, using GenerateClientCertificate. |
ALLOW_UNENCRYPTED_AND_ENCRYPTED |
SSL connections are optional. CA verification not enforced. |
ENCRYPTED_ONLY |
SSL connections are required. CA verification not enforced. |
CaSource
Certificate Authority (CA) source for SSL/TLS certificates.
Enums | |
---|---|
CA_SOURCE_UNSPECIFIED |
Certificate Authority (CA) source not specified. Defaults to CA_SOURCE_MANAGED. |
CA_SOURCE_MANAGED |
Certificate Authority (CA) managed by the AlloyDB Cluster. |