Kong: Allow connecting to Postgres database via SSL
Postgresql servers can be configured to force a client to connect via ssl. Kong should allow for ssl connections to postgres in its config, as is available for cassandra. This is especially important given all the secrets that are stored in the database in plain text (e.g. jwt secrets).
For reference: https://www.postgresql.org/docs/9.1/static/ssl-tcp.html
nguilford
All 6 comments
We've been waiting on https://github.com/leafo/pgmoon/pull/24 for that. At that point we might consider using a fork of pgmoon with this patch for Kong.
thibaultcha
on 10 Jun 2016
This is the blocker for Kong with Postgres on Heroku, because Heroku Postgres requires SSL: https://github.com/heroku/heroku-buildpack-kong/issues/7
I'm selfishly in support of forking pgmoon to get this fix @thibaultCha
mars
on 13 Jun 2016
Alright, we just created a temporary fork at Mashape/pgmoon and we will include Postgres SSL connections in the upcoming 0.9 release (this month).
thibaultcha
on 12 Jul 2016
1425 implements those! Testing appreciated!
thibaultcha
on 19 Jul 2016
Has been implemented (to be released in the upcoming 0.9 version this month).
thibaultcha
on 22 Jul 2016
Thanks! I've been on vacation but I will take a look this week.
nguilford
on 25 Jul 2016
Related issues
jeremyjpj0916
路
81Comments
ahmadnassri
路
59Comments
DavidTPate
路
35Comments
jeremyjpj0916
路
65Comments
subnetmarco
路
97Comments
Most helpful comment
This is the blocker for Kong with Postgres on Heroku, because Heroku Postgres requires SSL: https://github.com/heroku/heroku-buildpack-kong/issues/7
I'm selfishly in support of forking pgmoon to get this fix @thibaultCha