To enable Transport Layer Security (TLS) encryption for PostgreSQL, set the
sslmode property to
verify-full in the JDBC connector URL.
For example, in the $JFROG_HOME/artifactory/var/etc/system.yaml file:
shared: database: ... url:jdbc:postgresql://mypostgress.mydomain.com:5432/artifactory?ssl=true&sslfactory=org.postgresql.ssl.jdbc4.LibPQFactory&sslmode=verify- full&sslrootcert=/tmp/server.crt ...
If you are using old certificates or have an AWS RDS instance that was created before July 2020, you will not have Subject Alternative Name (SAN) enabled. To resolve this issue, you will need to generate a new certificate with SAN.