2

I've set up a PostgreSQL instance on Google Cloud SQL and have set it up now to only allow SSL connections. I'm able to connect from my workstation via psql and from some apps like R Studio.

However I'm trying to connect via the GCloud Shell and don't seem to see any options to connect with SSL. There are options to manage certifications and I've created another client key and downloaded the files for it in my cloud shell account, I just don't see options for using them to make a connection. Without it just tells me there isn't an HBA for a "No SSL" connection.

Here is what I see (some things obfuscated):

don@cloudshell:~ (xxx)$ gcloud sql connect foo --user=postgres
Whitelisting your IP for incoming connection for 5 minutes...done.
Connecting to database with SQL user [postgres].Password for user postgres:
psql: FATAL:  connection requires a valid client certificate
FATAL:  pg_hba.conf rejects connection for host "a.b.c.d", user "postgres", database "postgres", SSL off
Improve this question

1 Answer 1

Reset to default
5

As per Cloud SQL GCP docs:

Cloud Shell connections do not support SSL. Connections from Cloud Shell fail if the instance is configured to accept only SSL connections.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

OK thanks. In my defense, that text only exists on the MySQL version of that document. Click on the PostgreSQL version and it doesn't mention the cloud shell limitation. Marked as answered.
I've submitted feedback on that documentation page about the line missing for the PostgreSQL side. Thanks again.
You're absolutely correct. I was about to report this miss in the docs, but as you've already done it, thanks!
Everything Google does is broken.
From the docs: The gcloud sql connect command does not support connecting to a Cloud SQL instance using private IP, or using SSL/TLS. To connect with encryption, install and use the proxy in the Cloud Shell: Install the proxy (Linux 64-bit) in the /home/USER directory. Start the proxy, using Cloud SDK authentication: ./cloud_sql_proxy -instances=INSTANCE_CONNECTION_NAME=tcp:5432 & Connect to the database by using the TCP connection: psql -U USERNAME --host=127.0.0.1

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.