Peter Wasden
11/22/2021, 7:13 PMRobert Moucha
11/22/2021, 7:57 PMdex.config.database.sslMode
is missing in documentation. Currently, you can set this value either to disable
(default) or require
. In the latter mode, the connection to DB is established using SSL mode, but no certificate verification is performed. Therefore it offers in-transit encryption, but it is still vulnerable to MITM type of attack.
Note: the driver itself also supports values verify-ca
and verify-full
, but these two modes require passing the trusted CA cert to Dex component as a file and this is not currently supported by our helm chart.