'Cannot force Postgresql to accept SSL connections only

Here's my current config:

postgresql.conf:

ssl = on
ssl_cert_file = '/etc/postgresql/12/main/fullchain.pem'
ssl_key_file = '/etc/postgresql/12/main/privkey.pem'

pg_hba.conf:

local   all             postgres                                peer

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     peer
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
# IPv6 local connections:
host    all             all             ::1/128                 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local   replication     all                                     peer
host    replication     all             127.0.0.1/32            md5
host    replication     all             ::1/128                 md5
# IPv4 remote connections:
hostssl all             all             0.0.0.0/0               md5
# IPv6 remote connections:
hostssl all             all             ::/0                    md5

Still, my Django application is able to migrate database changes with and without 'OPTIONS': {'sslmode': 'require'} and that is not what I want. I want Postgresql to reject non-ssl connections and I don't know what I'm missing here.

P.S: Certificate is valid and created by certbot.

Solution 1:^[1]

Looks ok. To verify you should try with

'OPTIONS': {'sslmode': 'disable'}

It probably defaults to prefer so it was still connecting using SSL.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution	Source
Solution 1	Eelke

'Cannot force Postgresql to accept SSL connections only

Solution 1:[1]

Sources

Related Questions

Solution 1:^[1]