TLS Modes

TLS Modes Description
VerifyCA Verifies Certficate Authority (CA) certificate.
  • CA Certificate: Not Required. Provide CA certificate for verification.
  • Client Certificate: Not required. Client certificate file for connections requiring client authentication.
  • Client Key: Not required. Client key file used for connections requiring client authentication.
VerifyFull The server host name is verified to ensure that it matches the Common Name in the server certificate.
  • CA Certificate: Required. Provide CA certificate for verification.
  • Client Certificate: Not required. Client certificate file for connections requiring client authentication.
  • Client Key: Not required. Client key file used for connections requiring client authentication.
Note: The Client Key file permissions must be 0660.

For more details on TLS modes, see PostgreSQL SSL Support Documentation.