public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[v11.0.x] PostgreSQL: Fix the verify-ca mode (#85775)

Browse Source 
PostgreSQL: Fix the verify-ca mode (#85530)

postgres: fix the verify-ca problem
(cherry picked from commit 8a15ed42ae)

Co-authored-by: Gábor Farkas <gabor.farkas@gmail.com>
This commit is contained in:
grafana-delivery-bot[bot]
2024-04-09 09:28:56 +02:00
committed by GitHub
parent 7ac14ff217
commit 9d01858763
2 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/tsdb/grafana-postgresql-datasource/postgres.go
+8
View File
@@ -224,6 +224,14 @@ func (s *Service) generateConnectionString(dsInfo sqleng.DataSourceInfo) (string
connStr += fmt.Sprintf(" sslmode='%s'", escape(tlsSettings.Mode))
// there is an issue with the lib/pq module, the `verify-ca` tls mode
// does not work correctly. ( see https://github.com/lib/pq/issues/1106 )
// to workaround the problem, if the `verify-ca` mode is chosen,
// we disable sslsni.
if tlsSettings.Mode == "verify-ca" {
connStr += " sslsni=0"
}
// Attach root certificate if provided
if tlsSettings.RootCertFile != "" {
logger.Debug("Setting server root certificate", "tlsRootCert", tlsSettings.RootCertFile)