Comment From: scottfrederick
Configuring SSL for JDBC connections is not as seamless as it is for the other client connection libraries that have been enhanced with support for Spring Boot SSL bundles. Most JDBC drivers require certificates to be provided as files, not as an SSLContext, SSLSocketFactory or other Java object that can be derived from certificates and private keys and passed to an API.
The table below shows the configuration options available for JDBC drivers.
| JDBC driver | SSL configuration |
|---|---|
| PostgreSQL | JDBC URL parameters sslfactory to provide a custom SSLSocketFactory implementation class name, or sslcert, sslkey, sslrootcert to provide files |
| MySQL | javax.net.ssl.* system properties or Connector/J connection properties to provide DER-encoded files |
| MariaDB | serverSslCert JDBC URL parameter to provide PEM file or DER-encoded string value |
| Oracle | javax.net.ssl.* system properties to provide JKS files |
| SQL Server | javax.net.ssl.* system properties to provide JKS files |
Given the current landscape, we do not think it is feasible at this time to provide properties under spring.datasource that would only map cleanly to PostgreSQL, as we don't want to add properties that would only be effective for one driver. We'll put this issue on hold for now.