SSH to Cloud SQL instance fails with SSL error


You are trying to connect to a PostgreSQL instance using SSH, but receive the following error:
FATAL:  pg_hba.conf rejects connection for host "xx.xx.xx.xx", user "postgre_user", database "postgre_db", SSL off.


  • Cloud SQL for PostgreSQL


  1. Create a client certificate.
  2. Validate pre-requisites.
  3. Connect from the local machine or compute engine.

: Disabling Allow only SSL is not recommended, as this disables the secure connectivity to your instance.

  1. In the Google Cloud console.
  2. Go to the Cloud SQL Instances page.
  3. To open the Overview page of an instance, click on the instance name.
  4. Click Connections from the SQL navigation menu and select the Security tab.
  5. Uncheck the option to Allow only SSL connections.


This FATAL appears because Allow only SSL connection is checked and TLS/SSL Certificates are not exchanged. This causes the issue to occur when you try to connect to the instance from any unknown VM or machine. After creating the client certificate and configuring access to your SQL Instance, enabling the Allow only SSL option can help in preventing this FATAL.