1

When running SchemaSpy get error:

Connection failed because of the following error: "no pg_hba.conf entry for host "xxx.xxx.xxx.xxx", user "xxxx", database "xxx", SSL off"

The error occurs because the database does require an SSL connection.

Is there a way to turn on the SSL flag for a connection in SchemaSpy, I opened up the jar file but couldn't find anything. I know the PostgreSQL JDBC Driver supports SSL so this should be theoretically possible.

Otherwise if any one knows any opensource/freeware tools for reverse engineering a postgresql database with an SSL connections, that would help a lot.

Thanks.

Improve this question

2 Answers 2

Reset to default
2

Do it like this:

java -jar schemaSpy_5.0.0 -t pgsql -host your-host-url -db your-database-name -s your-database-schema -u your-username -p your-password -connprops "ssl\=true;sslfactory\=org.postgresql.ssl.NonValidatingFactory" -o path-to-your-output-directory -dp path-to-your-jdbc-driver-jar-file

The trick: adding some additional parameters using the -connprops option: we are setting SSL to true (ssl parameter) and we are asking the client (i.e., the driver) to unconditionally accept the SSL connection (sslfactory parameter).

Improve this answer
0

Per the PgJDBC documentation, use the ssl=true option in your URL's parameters, e.g.

jdbc:postgresql://myhost/mydb?ssl=true

If the host doesn't have a valid certificate or the cert doesn't match its hostname you can disable SSL validation too.

SchemaSpy accepts a JDBC URL for the connection, so this will work fine.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.