[GH-ISSUE #1041] Feature request: support additional PostgreSQL DB SSL parameters via environment variables #721

New issue

Closed

opened 2026-02-25 23:43:22 +03:00 by kerem · 1 comment

kerem commented

2026-02-25 23:43:22 +03:00

Owner

Originally created by @gclawes on GitHub (Aug 4, 2024).
Original GitHub issue: https://github.com/healthchecks/healthchecks/issues/1041

It would be useful to support the following SSL parameters in postgresql DB connections, especially when using custom trusted CAs or certificate-based authentication.

sslrootcert - useful when using a custom certificate authority for the postgresql server
sslcert/sslkey - useful for certificate-based authentication, especially with cert-manager in Kubernetes

These can be set in local_settings.py manually, but having this in environment variables would be more convenient in container environments.

Originally created by @gclawes on GitHub (Aug 4, 2024). Original GitHub issue: https://github.com/healthchecks/healthchecks/issues/1041 It would be useful to support the following SSL parameters in postgresql DB connections, especially when using custom trusted CAs or certificate-based authentication. * [`sslrootcert`](https://www.postgresql.org/docs/10/libpq-connect.html#LIBPQ-CONNECT-SSROOTCERT) - useful when using a custom certificate authority for the postgresql server * [`sslcert`](https://www.postgresql.org/docs/10/libpq-connect.html#LIBPQ-CONNECT-SSLCERT)/[`sslkey`](https://www.postgresql.org/docs/10/libpq-connect.html#LIBPQ-CONNECT-SSLKEY) - useful for certificate-based authentication, especially with `cert-manager` in Kubernetes These can be set in `local_settings.py` manually, but having this in environment variables would be more convenient in container environments.

kerem closed this issue

2026-02-25 23:43:22 +03:00

kerem commented

2026-02-25 23:43:22 +03:00

Author

Owner

@cuu508 commented on GitHub (Aug 19, 2024):

Thanks for the suggestion. All three of sslrootcert, sslcert and sslkey take file paths – to use them, you would need to mount files inside the image, or build a custom image. If you are doing that anyway, is mounting one additional file (local_settings.py) that difficult?

And another thought, these parameters have default values – perhaps you can mount the certs and key at their default locations?

@cuu508 commented on GitHub (Aug 19, 2024): Thanks for the suggestion. All three of `sslrootcert`, `sslcert` and `sslkey` take file paths – to use them, you would need to mount files inside the image, or build a custom image. If you are doing that anyway, is mounting one additional file (`local_settings.py`) that difficult? And another thought, these parameters have default values – perhaps you can mount the certs and key at their default locations?

kerem referenced this issue

2026-02-26 00:30:38 +03:00

[PR #721] [MERGED] updated README.md to include MacOS specific instructions #1016