When using the communication data encryption feature to connect to the database server, set as follows:
This section describes how to create applications for encrypting communication data.
Set the property of the SSL parameter to "true" to encrypt. The default for the SSL parameter is "false".
Example
Setting example 1
String url = "jdbc:postgresql://sv1/test";
Properties props = new Properties();
props.setProperty("user","symfo");
props.setProperty("password","secret");
props.setProperty("ssl","true");
Connection conn = DriverManager.getConnection(url, props);Setting example 2
String url = "jdbc:postgresql://sv1/test?user=symfo&password=secret&ssl=true";
Connection conn = DriverManager.getConnection(url);To prevent spoofing of the database server, you need to use the keytool command included with Java to import the CA certificate to the Java keystore.
Refer to JDK documentation and the Oracle website for details.
Note
There is no need to set the ssl parameter if the connection string of the DriverManager class is specified, or if the sslmode parameter is specified in the data source, such as when the application connection switch feature is used. If the ssl parameter is set, the value in the sslmode parameter will be enabled.
See
Refer to "Secure TCP/IP Connections with SSL" in "Server Administration" in the PostgreSQL Documentation for information on encrypting communication data.