diff options
| author | mike bayer <mike_mp@zzzcomputing.com> | 2021-05-24 17:36:00 +0000 |
|---|---|---|
| committer | Gerrit Code Review <gerrit@ci3.zzzcomputing.com> | 2021-05-24 17:36:00 +0000 |
| commit | bba5aa9adeb10df2953f1dc7b519f8b2e4e8a084 (patch) | |
| tree | af7e3606875dbe48b5325e868872a8772dfebc81 /lib/sqlalchemy | |
| parent | fd3f98ee38b496916122d1a9a29b02d59ca671f9 (diff) | |
| parent | 7c2c5ccf285333439df523be4ab419fa3c629871 (diff) | |
| download | sqlalchemy-bba5aa9adeb10df2953f1dc7b519f8b2e4e8a084.tar.gz | |
Merge "Add SSL connection info for psycopg2 and pg8000"
Diffstat (limited to 'lib/sqlalchemy')
| -rw-r--r-- | lib/sqlalchemy/dialects/postgresql/pg8000.py | 27 | ||||
| -rw-r--r-- | lib/sqlalchemy/dialects/postgresql/psycopg2.py | 7 |
2 files changed, 34 insertions, 0 deletions
diff --git a/lib/sqlalchemy/dialects/postgresql/pg8000.py b/lib/sqlalchemy/dialects/postgresql/pg8000.py index d999cdf6f..e39f61ddc 100644 --- a/lib/sqlalchemy/dialects/postgresql/pg8000.py +++ b/lib/sqlalchemy/dialects/postgresql/pg8000.py @@ -39,6 +39,33 @@ passed to :func:`_sa.create_engine` using the ``client_encoding`` parameter:: engine = create_engine( "postgresql+pg8000://user:pass@host/dbname", client_encoding='utf8') +.. _pg8000_ssl: + +SSL Connections +---------------- + +pg8000 accepts a Python ``SSLContext`` object which may be specified using the +:paramref:`_sa.create_engine.connect_args` dictionary:: + + import ssl + ssl_context = ssl.create_default_context() + engine = sa.create_engine( + "postgresql+pg8000://scott:tiger@192.168.0.199:5432/test, + connect_args={'ssl_context': ssl_context}, + ) + +If the server uses an automatically-generated certificate that is self-signed +or does not match the host name (as seen from the client), it may also be +necessary to disable hostname checking:: + + import ssl + ssl_context = ssl.create_default_context() + ssl_context.check_hostname=False + ssl_context.verify_mode = ssl.CERT_NONE + engine = sa.create_engine( + "postgresql+pg8000://scott:tiger@192.168.0.199:5432/test, + connect_args={'ssl_context': ssl_context}, + ) .. _pg8000_isolation_level: diff --git a/lib/sqlalchemy/dialects/postgresql/psycopg2.py b/lib/sqlalchemy/dialects/postgresql/psycopg2.py index c2b679022..1d71e38d4 100644 --- a/lib/sqlalchemy/dialects/postgresql/psycopg2.py +++ b/lib/sqlalchemy/dialects/postgresql/psycopg2.py @@ -51,6 +51,13 @@ psycopg2-specific keyword arguments which are accepted by :ref:`psycopg2_executemany_mode` +* ``sslmode``: Controls psycopg2's behavior for encrypted connections. + The psycopg2 default is ``sslmode=prefer``; it will attempt an SSL + connection and if that fails it will fall back to an unencrypted connection. + ``sslmode=require`` can be used to only establish secure connections. (Other + modes are available. See the psycopg2 documentation for details.) + + Unix Domain Connections ------------------------ |