From adefbf25b4872af172c0d322f5c2180fd00b4410 Mon Sep 17 00:00:00 2001
From: Danielle Lancashire
Date: Mon, 2 Jun 2025 16:01:21 +0200
Subject: [PATCH] factor-outbound-pg: Support SslMode::Require

When specifying SslMode::Require, postgres clients shouldn't validate TLS certificates: https://www.postgresql.org/docs/current/libpq-ssl.html > require: I want my data to be encrypted, and I accept the overhead. I trust that the network will make sure I always connect to the server I want. It's not a great security mode, but is a really useful feature when you can't easily install a self-signed CA on your host or use a public certificate for the database.

Signed-off-by: Danielle Lancashire
---
 crates/factor-outbound-pg/src/client.rs | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/crates/factor-outbound-pg/src/client.rs b/crates/factor-outbound-pg/src/client.rs
index 3f0a890a97..37fd740a05 100644
--- a/crates/factor-outbound-pg/src/client.rs
+++ b/crates/factor-outbound-pg/src/client.rs
@@ -43,7 +43,15 @@ impl Client for TokioClient {
 spawn_connection(connection);
 Ok(client)
 } else {
- let builder = TlsConnector::builder();
+ let mut builder = TlsConnector::builder();
+
+ // SslMode::Require shouldn't perform TLS verification and is often
+ // used when you can't use a public TLS certificate on the postgres
+ // server, and can't easily install a self-signed CA on your system.
+ if config.get_ssl_mode() == SslMode::Require {
+ builder.danger_accept_invalid_certs(true);
+ }
+
 let connector = MakeTlsConnector::new(builder.build()?);
 let (client, connection) = config.connect(connector).await?;
 spawn_connection(connection);
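Review bot: `danger_accept_invalid_certs(true)` switches off chain validation only; depending on the native-tls backend in use, hostname verification may still be enforced, so a `Require` connection to a server whose certificate name does not match could still fail instead of behaving like libpq's `require`. If libpq parity is the intent, confirm the backend's behaviour and, if needed, pair it with `builder.danger_accept_invalid_hostnames(true);` inside the same `if`. The new comment would be more precise as `// SslMode::Require encrypts the session but does not authenticate the server: certificate validation is skipped, so this protects only against passive eavesdropping, not an active interposer.` Because this silently downgrades server authentication, consider emitting a one-time log line at this point so operators can tell from traces which outbound connections are unauthenticated. The enclosing method and the `if` arm that routes into this `else` branch start outside the hunk, so whether other modes such as `SslMode::Prefer` also reach this code cannot be confirmed here.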