[{"data":1,"prerenderedAt":1160},["ShallowReactive",2],{"post-postgresql-ssl-connection-error":3},{"id":4,"title":5,"body":6,"date":1148,"description":1149,"extension":1150,"meta":1151,"navigation":72,"path":1156,"seo":1157,"stem":1158,"__hash__":1159},"blog\u002Fblog\u002Fpostgresql-ssl-connection-error.md","PostgreSQL接続エラー「SSL is not enabled」の対処方法",{"type":7,"value":8,"toc":1119},"minimark",[9,13,17,111,114,117,125,136,139,142,147,154,184,188,266,269,300,354,358,361,462,465,517,520,527,531,536,635,639,666,670,783,786,821,824,827,840,844,863,866,909,912,916,943,949,970,974,977,991,995,998,1046,1049,1052,1084,1087,1090,1115],[10,11,12],"h2",{"id":12},"エラーの概要",[14,15,16],"p",{},"golang-migrateでPostgreSQLに接続しようとすると、以下のエラーが発生する場合があります。",[18,19,24],"pre",{"className":20,"code":21,"language":22,"meta":23,"style":23},"language-bash shiki shiki-themes github-light github-dark","migrate -path db\u002Fmigration \\\n  -database \"postgresql:\u002F\u002Fusername:password@localhost:5432\u002Fdbname\" \\\n  -verbose up\n\n# エラー\nerror: pq: SSL is not enabled on the server\n","bash","",[25,26,27,47,58,67,74,81],"code",{"__ignoreMap":23},[28,29,32,36,40,44],"span",{"class":30,"line":31},"line",1,[28,33,35],{"class":34},"sScJk","migrate",[28,37,39],{"class":38},"sj4cs"," -path",[28,41,43],{"class":42},"sZZnC"," db\u002Fmigration",[28,45,46],{"class":38}," \\\n",[28,48,50,53,56],{"class":30,"line":49},2,[28,51,52],{"class":38},"  -database",[28,54,55],{"class":42}," \"postgresql:\u002F\u002Fusername:password@localhost:5432\u002Fdbname\"",[28,57,46],{"class":38},[28,59,61,64],{"class":30,"line":60},3,[28,62,63],{"class":38},"  -verbose",[28,65,66],{"class":42}," up\n",[28,68,70],{"class":30,"line":69},4,[28,71,73],{"emptyLinePlaceholder":72},true,"\n",[28,75,77],{"class":30,"line":76},5,[28,78,80],{"class":79},"sJ8bj","# エラー\n",[28,82,84,87,90,93,96,99,102,105,108],{"class":30,"line":83},6,[28,85,86],{"class":34},"error:",[28,88,89],{"class":42}," pq:",[28,91,92],{"class":42}," SSL",[28,94,95],{"class":42}," is",[28,97,98],{"class":42}," not",[28,100,101],{"class":42}," enabled",[28,103,104],{"class":42}," on",[28,106,107],{"class":42}," the",[28,109,110],{"class":42}," server\n",[14,112,113],{},"このエラーは、PostgreSQLクライアントがデフォルトでSSL接続を試みるのに対し、サーバー側でSSLが有効になっていないために発生します。",[10,115,116],{"id":116},"原因",[14,118,119,120,124],{},"PostgreSQLの公式Dockerイメージは、デフォルトで",[121,122,123],"strong",{},"SSLが無効","になっています。",[14,126,127,128,131,132,135],{},"一方、多くのPostgreSQLクライアントライブラリ（",[25,129,130],{},"pq","など）は、セキュリティのためデフォルトで",[121,133,134],{},"SSL接続を要求","します。",[14,137,138],{},"この設定の不一致がエラーの原因です。",[10,140,141],{"id":141},"開発環境での対処方法",[143,144,146],"h3",{"id":145},"sslモードを無効化する","SSLモードを無効化する",[14,148,149,150,153],{},"接続文字列に",[25,151,152],{},"?sslmode=disable","を追加します。",[18,155,157],{"className":20,"code":156,"language":22,"meta":23,"style":23},"migrate -path db\u002Fmigration \\\n  -database \"postgresql:\u002F\u002Fusername:password@localhost:5432\u002Fdbname?sslmode=disable\" \\\n  -verbose up\n",[25,158,159,169,178],{"__ignoreMap":23},[28,160,161,163,165,167],{"class":30,"line":31},[28,162,35],{"class":34},[28,164,39],{"class":38},[28,166,43],{"class":42},[28,168,46],{"class":38},[28,170,171,173,176],{"class":30,"line":49},[28,172,52],{"class":38},[28,174,175],{"class":42}," \"postgresql:\u002F\u002Fusername:password@localhost:5432\u002Fdbname?sslmode=disable\"",[28,177,46],{"class":38},[28,179,180,182],{"class":30,"line":60},[28,181,63],{"class":38},[28,183,66],{"class":42},[143,185,187],{"id":186},"goコードでの設定","Goコードでの設定",[18,189,193],{"className":190,"code":191,"language":192,"meta":23,"style":23},"language-go shiki shiki-themes github-light github-dark","import (\n    \"database\u002Fsql\"\n    _ \"github.com\u002Flib\u002Fpq\"\n)\n\nfunc main() {\n    connStr := \"postgres:\u002F\u002Fusername:password@localhost:5432\u002Fdbname?sslmode=disable\"\n    db, err := sql.Open(\"postgres\", connStr)\n    if err != nil {\n        log.Fatal(err)\n    }\n    defer db.Close()\n}\n","go",[25,194,195,200,205,210,215,219,224,230,236,242,248,254,260],{"__ignoreMap":23},[28,196,197],{"class":30,"line":31},[28,198,199],{},"import (\n",[28,201,202],{"class":30,"line":49},[28,203,204],{},"    \"database\u002Fsql\"\n",[28,206,207],{"class":30,"line":60},[28,208,209],{},"    _ \"github.com\u002Flib\u002Fpq\"\n",[28,211,212],{"class":30,"line":69},[28,213,214],{},")\n",[28,216,217],{"class":30,"line":76},[28,218,73],{"emptyLinePlaceholder":72},[28,220,221],{"class":30,"line":83},[28,222,223],{},"func main() {\n",[28,225,227],{"class":30,"line":226},7,[28,228,229],{},"    connStr := \"postgres:\u002F\u002Fusername:password@localhost:5432\u002Fdbname?sslmode=disable\"\n",[28,231,233],{"class":30,"line":232},8,[28,234,235],{},"    db, err := sql.Open(\"postgres\", connStr)\n",[28,237,239],{"class":30,"line":238},9,[28,240,241],{},"    if err != nil {\n",[28,243,245],{"class":30,"line":244},10,[28,246,247],{},"        log.Fatal(err)\n",[28,249,251],{"class":30,"line":250},11,[28,252,253],{},"    }\n",[28,255,257],{"class":30,"line":256},12,[28,258,259],{},"    defer db.Close()\n",[28,261,263],{"class":30,"line":262},13,[28,264,265],{},"}\n",[143,267,268],{"id":268},"環境変数での管理",[18,270,272],{"className":20,"code":271,"language":22,"meta":23,"style":23},"# .env\nDATABASE_URL=postgresql:\u002F\u002Fusername:password@localhost:5432\u002Fdbname?sslmode=disable\n",[25,273,274,279],{"__ignoreMap":23},[28,275,276],{"class":30,"line":31},[28,277,278],{"class":79},"# .env\n",[28,280,281,285,289,292,295,297],{"class":30,"line":49},[28,282,284],{"class":283},"sVt8B","DATABASE_URL",[28,286,288],{"class":287},"szBVR","=",[28,290,291],{"class":42},"postgresql:\u002F\u002Fusername:password@localhost:5432\u002Fdbname?",[28,293,294],{"class":283},"sslmode",[28,296,288],{"class":287},[28,298,299],{"class":42},"disable\n",[18,301,303],{"className":190,"code":302,"language":192,"meta":23,"style":23},"import (\n    \"os\"\n    \"github.com\u002Fjoho\u002Fgodotenv\"\n)\n\nfunc main() {\n    godotenv.Load()\n    connStr := os.Getenv(\"DATABASE_URL\")\n    db, err := sql.Open(\"postgres\", connStr)\n    \u002F\u002F ...\n}\n",[25,304,305,309,314,319,323,327,331,336,341,345,350],{"__ignoreMap":23},[28,306,307],{"class":30,"line":31},[28,308,199],{},[28,310,311],{"class":30,"line":49},[28,312,313],{},"    \"os\"\n",[28,315,316],{"class":30,"line":60},[28,317,318],{},"    \"github.com\u002Fjoho\u002Fgodotenv\"\n",[28,320,321],{"class":30,"line":69},[28,322,214],{},[28,324,325],{"class":30,"line":76},[28,326,73],{"emptyLinePlaceholder":72},[28,328,329],{"class":30,"line":83},[28,330,223],{},[28,332,333],{"class":30,"line":226},[28,334,335],{},"    godotenv.Load()\n",[28,337,338],{"class":30,"line":232},[28,339,340],{},"    connStr := os.Getenv(\"DATABASE_URL\")\n",[28,342,343],{"class":30,"line":238},[28,344,235],{},[28,346,347],{"class":30,"line":244},[28,348,349],{},"    \u002F\u002F ...\n",[28,351,352],{"class":30,"line":250},[28,353,265],{},[10,355,357],{"id":356},"sslモードの種類","SSLモードの種類",[14,359,360],{},"PostgreSQLは複数のSSLモードをサポートしています。",[362,363,364,380],"table",{},[365,366,367],"thead",{},[368,369,370,374,377],"tr",{},[371,372,373],"th",{},"モード",[371,375,376],{},"説明",[371,378,379],{},"セキュリティレベル",[381,382,383,397,410,423,436,449],"tbody",{},[368,384,385,391,394],{},[386,387,388],"td",{},[25,389,390],{},"disable",[386,392,393],{},"SSL接続を使用しない",[386,395,396],{},"❌ 低",[368,398,399,404,407],{},[386,400,401],{},[25,402,403],{},"allow",[386,405,406],{},"SSL接続を試み、失敗したら非SSL",[386,408,409],{},"⚠️ 低〜中",[368,411,412,417,420],{},[386,413,414],{},[25,415,416],{},"prefer",[386,418,419],{},"SSL接続を優先（デフォルト）",[386,421,422],{},"⚠️ 中",[368,424,425,430,433],{},[386,426,427],{},[25,428,429],{},"require",[386,431,432],{},"SSL接続を要求するが証明書は検証しない",[386,434,435],{},"✅ 中〜高",[368,437,438,443,446],{},[386,439,440],{},[25,441,442],{},"verify-ca",[386,444,445],{},"SSL接続とCA証明書を検証",[386,447,448],{},"✅ 高",[368,450,451,456,459],{},[386,452,453],{},[25,454,455],{},"verify-full",[386,457,458],{},"SSL接続とホスト名も検証",[386,460,461],{},"✅✅ 最高",[143,463,464],{"id":464},"各モードの使い分け",[18,466,468],{"className":20,"code":467,"language":22,"meta":23,"style":23},"# 開発環境: SSL無効\npostgresql:\u002F\u002Fuser:pass@localhost:5432\u002Fdb?sslmode=disable\n\n# ステージング: SSL必須だが証明書検証なし\npostgresql:\u002F\u002Fuser:pass@staging-db:5432\u002Fdb?sslmode=require\n\n# 本番環境: 完全な証明書検証\npostgresql:\u002F\u002Fuser:pass@prod-db:5432\u002Fdb?sslmode=verify-full\n",[25,469,470,475,483,487,492,500,504,509],{"__ignoreMap":23},[28,471,472],{"class":30,"line":31},[28,473,474],{"class":79},"# 開発環境: SSL無効\n",[28,476,477,480],{"class":30,"line":49},[28,478,479],{"class":34},"postgresql:\u002F\u002Fuser:pass@localhost:5432\u002Fdb?sslmode",[28,481,482],{"class":42},"=disable\n",[28,484,485],{"class":30,"line":60},[28,486,73],{"emptyLinePlaceholder":72},[28,488,489],{"class":30,"line":69},[28,490,491],{"class":79},"# ステージング: SSL必須だが証明書検証なし\n",[28,493,494,497],{"class":30,"line":76},[28,495,496],{"class":34},"postgresql:\u002F\u002Fuser:pass@staging-db:5432\u002Fdb?sslmode",[28,498,499],{"class":42},"=require\n",[28,501,502],{"class":30,"line":83},[28,503,73],{"emptyLinePlaceholder":72},[28,505,506],{"class":30,"line":226},[28,507,508],{"class":79},"# 本番環境: 完全な証明書検証\n",[28,510,511,514],{"class":30,"line":232},[28,512,513],{"class":34},"postgresql:\u002F\u002Fuser:pass@prod-db:5432\u002Fdb?sslmode",[28,515,516],{"class":42},"=verify-full\n",[10,518,519],{"id":519},"本番環境での推奨設定",[14,521,522,523,526],{},"本番環境では、セキュリティのため",[121,524,525],{},"必ずSSLを有効化","することを推奨します。",[143,528,530],{"id":529},"postgresqlサーバーでsslを有効化","PostgreSQLサーバーでSSLを有効化",[532,533,535],"h4",{"id":534},"_1-ssl証明書の準備","1. SSL証明書の準備",[18,537,539],{"className":20,"code":538,"language":22,"meta":23,"style":23},"# 自己署名証明書を生成（開発・テスト用）\nopenssl req -new -x509 -days 365 -nodes -text \\\n  -out server.crt \\\n  -keyout server.key \\\n  -subj \"\u002FCN=localhost\"\n\n# パーミッション設定\nchmod 600 server.key\nchown postgres:postgres server.key server.crt\n",[25,540,541,546,574,584,594,602,606,611,622],{"__ignoreMap":23},[28,542,543],{"class":30,"line":31},[28,544,545],{"class":79},"# 自己署名証明書を生成（開発・テスト用）\n",[28,547,548,551,554,557,560,563,566,569,572],{"class":30,"line":49},[28,549,550],{"class":34},"openssl",[28,552,553],{"class":42}," req",[28,555,556],{"class":38}," -new",[28,558,559],{"class":38}," -x509",[28,561,562],{"class":38}," -days",[28,564,565],{"class":38}," 365",[28,567,568],{"class":38}," -nodes",[28,570,571],{"class":38}," -text",[28,573,46],{"class":38},[28,575,576,579,582],{"class":30,"line":60},[28,577,578],{"class":38},"  -out",[28,580,581],{"class":42}," server.crt",[28,583,46],{"class":38},[28,585,586,589,592],{"class":30,"line":69},[28,587,588],{"class":38},"  -keyout",[28,590,591],{"class":42}," server.key",[28,593,46],{"class":38},[28,595,596,599],{"class":30,"line":76},[28,597,598],{"class":38},"  -subj",[28,600,601],{"class":42}," \"\u002FCN=localhost\"\n",[28,603,604],{"class":30,"line":83},[28,605,73],{"emptyLinePlaceholder":72},[28,607,608],{"class":30,"line":226},[28,609,610],{"class":79},"# パーミッション設定\n",[28,612,613,616,619],{"class":30,"line":232},[28,614,615],{"class":34},"chmod",[28,617,618],{"class":38}," 600",[28,620,621],{"class":42}," server.key\n",[28,623,624,627,630,632],{"class":30,"line":238},[28,625,626],{"class":34},"chown",[28,628,629],{"class":42}," postgres:postgres",[28,631,591],{"class":42},[28,633,634],{"class":42}," server.crt\n",[532,636,638],{"id":637},"_2-postgresqlの設定","2. PostgreSQLの設定",[18,640,644],{"className":641,"code":642,"language":643,"meta":23,"style":23},"language-ini shiki shiki-themes github-light github-dark","# postgresql.conf\nssl = on\nssl_cert_file = '\u002Fpath\u002Fto\u002Fserver.crt'\nssl_key_file = '\u002Fpath\u002Fto\u002Fserver.key'\n","ini",[25,645,646,651,656,661],{"__ignoreMap":23},[28,647,648],{"class":30,"line":31},[28,649,650],{},"# postgresql.conf\n",[28,652,653],{"class":30,"line":49},[28,654,655],{},"ssl = on\n",[28,657,658],{"class":30,"line":60},[28,659,660],{},"ssl_cert_file = '\u002Fpath\u002Fto\u002Fserver.crt'\n",[28,662,663],{"class":30,"line":69},[28,664,665],{},"ssl_key_file = '\u002Fpath\u002Fto\u002Fserver.key'\n",[532,667,669],{"id":668},"_3-docker-composeでの設定例","3. Docker Composeでの設定例",[18,671,675],{"className":672,"code":673,"language":674,"meta":23,"style":23},"language-yaml shiki shiki-themes github-light github-dark","version: '3.8'\n\nservices:\n  postgres:\n    image: postgres:15\n    environment:\n      POSTGRES_PASSWORD: password\n    volumes:\n      - .\u002Fcerts\u002Fserver.crt:\u002Fvar\u002Flib\u002Fpostgresql\u002Fserver.crt\n      - .\u002Fcerts\u002Fserver.key:\u002Fvar\u002Flib\u002Fpostgresql\u002Fserver.key\n    command: >\n      -c ssl=on\n      -c ssl_cert_file=\u002Fvar\u002Flib\u002Fpostgresql\u002Fserver.crt\n      -c ssl_key_file=\u002Fvar\u002Flib\u002Fpostgresql\u002Fserver.key\n","yaml",[25,676,677,689,693,701,708,718,725,735,742,750,757,767,772,777],{"__ignoreMap":23},[28,678,679,683,686],{"class":30,"line":31},[28,680,682],{"class":681},"s9eBZ","version",[28,684,685],{"class":283},": ",[28,687,688],{"class":42},"'3.8'\n",[28,690,691],{"class":30,"line":49},[28,692,73],{"emptyLinePlaceholder":72},[28,694,695,698],{"class":30,"line":60},[28,696,697],{"class":681},"services",[28,699,700],{"class":283},":\n",[28,702,703,706],{"class":30,"line":69},[28,704,705],{"class":681},"  postgres",[28,707,700],{"class":283},[28,709,710,713,715],{"class":30,"line":76},[28,711,712],{"class":681},"    image",[28,714,685],{"class":283},[28,716,717],{"class":42},"postgres:15\n",[28,719,720,723],{"class":30,"line":83},[28,721,722],{"class":681},"    environment",[28,724,700],{"class":283},[28,726,727,730,732],{"class":30,"line":226},[28,728,729],{"class":681},"      POSTGRES_PASSWORD",[28,731,685],{"class":283},[28,733,734],{"class":42},"password\n",[28,736,737,740],{"class":30,"line":232},[28,738,739],{"class":681},"    volumes",[28,741,700],{"class":283},[28,743,744,747],{"class":30,"line":238},[28,745,746],{"class":283},"      - ",[28,748,749],{"class":42},".\u002Fcerts\u002Fserver.crt:\u002Fvar\u002Flib\u002Fpostgresql\u002Fserver.crt\n",[28,751,752,754],{"class":30,"line":244},[28,753,746],{"class":283},[28,755,756],{"class":42},".\u002Fcerts\u002Fserver.key:\u002Fvar\u002Flib\u002Fpostgresql\u002Fserver.key\n",[28,758,759,762,764],{"class":30,"line":250},[28,760,761],{"class":681},"    command",[28,763,685],{"class":283},[28,765,766],{"class":287},">\n",[28,768,769],{"class":30,"line":256},[28,770,771],{"class":42},"      -c ssl=on\n",[28,773,774],{"class":30,"line":262},[28,775,776],{"class":42},"      -c ssl_cert_file=\u002Fvar\u002Flib\u002Fpostgresql\u002Fserver.crt\n",[28,778,780],{"class":30,"line":779},14,[28,781,782],{"class":42},"      -c ssl_key_file=\u002Fvar\u002Flib\u002Fpostgresql\u002Fserver.key\n",[143,784,785],{"id":785},"クライアント側の接続設定",[18,787,789],{"className":20,"code":788,"language":22,"meta":23,"style":23},"# SSL必須で接続\nmigrate -path db\u002Fmigration \\\n  -database \"postgresql:\u002F\u002Fuser:pass@db:5432\u002Fmydb?sslmode=require\" \\\n  -verbose up\n",[25,790,791,796,806,815],{"__ignoreMap":23},[28,792,793],{"class":30,"line":31},[28,794,795],{"class":79},"# SSL必須で接続\n",[28,797,798,800,802,804],{"class":30,"line":49},[28,799,35],{"class":34},[28,801,39],{"class":38},[28,803,43],{"class":42},[28,805,46],{"class":38},[28,807,808,810,813],{"class":30,"line":60},[28,809,52],{"class":38},[28,811,812],{"class":42}," \"postgresql:\u002F\u002Fuser:pass@db:5432\u002Fmydb?sslmode=require\"",[28,814,46],{"class":38},[28,816,817,819],{"class":30,"line":69},[28,818,63],{"class":38},[28,820,66],{"class":42},[10,822,823],{"id":823},"セキュリティ上の考慮事項",[143,825,826],{"id":826},"ローカル開発環境",[828,829,830,837],"ul",{},[831,832,833,836],"li",{},[25,834,835],{},"sslmode=disable","でも問題ない",[831,838,839],{},"ネットワークが信頼できる環境（localhost）",[143,841,843],{"id":842},"ステージング本番環境","ステージング\u002F本番環境",[828,845,846,853,860],{},[831,847,848,849,852],{},"最低でも",[25,850,851],{},"sslmode=require","を使用",[831,854,855,856,859],{},"可能であれば",[25,857,858],{},"sslmode=verify-full","を推奨",[831,861,862],{},"Let's Encryptなどで正式な証明書を取得",[143,864,865],{"id":865},"接続文字列の管理",[18,867,869],{"className":190,"code":868,"language":192,"meta":23,"style":23},"\u002F\u002F ❌ ハードコード（危険）\nconnStr := \"postgres:\u002F\u002Fadmin:password123@prod-db\u002Fmydb\"\n\n\u002F\u002F ✅ 環境変数で管理\nconnStr := os.Getenv(\"DATABASE_URL\")\n\n\u002F\u002F ✅ シークレット管理ツールを使用\n\u002F\u002F AWS Secrets Manager, Google Secret Manager, HashiCorp Vault など\n",[25,870,871,876,881,885,890,895,899,904],{"__ignoreMap":23},[28,872,873],{"class":30,"line":31},[28,874,875],{},"\u002F\u002F ❌ ハードコード（危険）\n",[28,877,878],{"class":30,"line":49},[28,879,880],{},"connStr := \"postgres:\u002F\u002Fadmin:password123@prod-db\u002Fmydb\"\n",[28,882,883],{"class":30,"line":60},[28,884,73],{"emptyLinePlaceholder":72},[28,886,887],{"class":30,"line":69},[28,888,889],{},"\u002F\u002F ✅ 環境変数で管理\n",[28,891,892],{"class":30,"line":76},[28,893,894],{},"connStr := os.Getenv(\"DATABASE_URL\")\n",[28,896,897],{"class":30,"line":83},[28,898,73],{"emptyLinePlaceholder":72},[28,900,901],{"class":30,"line":226},[28,902,903],{},"\u002F\u002F ✅ シークレット管理ツールを使用\n",[28,905,906],{"class":30,"line":232},[28,907,908],{},"\u002F\u002F AWS Secrets Manager, Google Secret Manager, HashiCorp Vault など\n",[10,910,911],{"id":911},"トラブルシューティング",[143,913,915],{"id":914},"エラー-certificate-verify-failed","エラー: certificate verify failed",[18,917,919],{"className":20,"code":918,"language":22,"meta":23,"style":23},"error: x509: certificate signed by unknown authority\n",[25,920,921],{"__ignoreMap":23},[28,922,923,925,928,931,934,937,940],{"class":30,"line":31},[28,924,86],{"class":34},[28,926,927],{"class":42}," x509:",[28,929,930],{"class":42}," certificate",[28,932,933],{"class":42}," signed",[28,935,936],{"class":42}," by",[28,938,939],{"class":42}," unknown",[28,941,942],{"class":42}," authority\n",[14,944,945,948],{},[121,946,947],{},"対処法",": CA証明書を指定する",[18,950,952],{"className":20,"code":951,"language":22,"meta":23,"style":23},"postgresql:\u002F\u002Fuser:pass@db:5432\u002Fmydb?sslmode=verify-ca&sslrootcert=\u002Fpath\u002Fto\u002Fca.crt\n",[25,953,954],{"__ignoreMap":23},[28,955,956,959,962,965,967],{"class":30,"line":31},[28,957,958],{"class":34},"postgresql:\u002F\u002Fuser:pass@db:5432\u002Fmydb?sslmode",[28,960,961],{"class":42},"=verify-ca",[28,963,964],{"class":283},"&sslrootcert",[28,966,288],{"class":287},[28,968,969],{"class":42},"\u002Fpath\u002Fto\u002Fca.crt\n",[143,971,973],{"id":972},"エラー-server-does-not-support-ssl","エラー: server does not support SSL",[14,975,976],{},"PostgreSQLサーバーでSSLが無効になっています。",[18,978,980],{"className":641,"code":979,"language":643,"meta":23,"style":23},"# postgresql.conf\nssl = on  # この設定を確認\n",[25,981,982,986],{"__ignoreMap":23},[28,983,984],{"class":30,"line":31},[28,985,650],{},[28,987,988],{"class":30,"line":49},[28,989,990],{},"ssl = on  # この設定を確認\n",[143,992,994],{"id":993},"docker環境での証明書パス問題","Docker環境での証明書パス問題",[14,996,997],{},"コンテナ内のパスを正しく指定します。",[18,999,1001],{"className":672,"code":1000,"language":674,"meta":23,"style":23},"volumes:\n  - .\u002Fcerts:\u002Fcerts:ro\n\ncommand: >\n  -c ssl=on\n  -c ssl_cert_file=\u002Fcerts\u002Fserver.crt\n  -c ssl_key_file=\u002Fcerts\u002Fserver.key\n",[25,1002,1003,1010,1018,1022,1031,1036,1041],{"__ignoreMap":23},[28,1004,1005,1008],{"class":30,"line":31},[28,1006,1007],{"class":681},"volumes",[28,1009,700],{"class":283},[28,1011,1012,1015],{"class":30,"line":49},[28,1013,1014],{"class":283},"  - ",[28,1016,1017],{"class":42},".\u002Fcerts:\u002Fcerts:ro\n",[28,1019,1020],{"class":30,"line":60},[28,1021,73],{"emptyLinePlaceholder":72},[28,1023,1024,1027,1029],{"class":30,"line":69},[28,1025,1026],{"class":681},"command",[28,1028,685],{"class":283},[28,1030,766],{"class":287},[28,1032,1033],{"class":30,"line":76},[28,1034,1035],{"class":42},"  -c ssl=on\n",[28,1037,1038],{"class":30,"line":83},[28,1039,1040],{"class":42},"  -c ssl_cert_file=\u002Fcerts\u002Fserver.crt\n",[28,1042,1043],{"class":30,"line":226},[28,1044,1045],{"class":42},"  -c ssl_key_file=\u002Fcerts\u002Fserver.key\n",[10,1047,1048],{"id":1048},"まとめ",[14,1050,1051],{},"PostgreSQL接続でのSSLエラーを解決する方法は次の通りです。",[828,1053,1054,1063,1072,1078],{},[831,1055,1056,1059,1060,1062],{},[121,1057,1058],{},"開発環境"," ",[25,1061,835],{},"で問題なし",[831,1064,1065,1068,1069,1071],{},[121,1066,1067],{},"本番環境"," 必ずSSLを有効化し、",[25,1070,851],{},"以上を使用",[831,1073,1074,1077],{},[121,1075,1076],{},"セキュリティ"," 接続文字列は環境変数やシークレット管理ツールで管理",[831,1079,1080,1083],{},[121,1081,1082],{},"証明書"," 本番環境では正式な証明書を使用",[14,1085,1086],{},"環境に応じてSSLモードを選択することが重要です。",[143,1088,1089],{"id":1089},"参考リンク",[828,1091,1092,1101,1108],{},[831,1093,1094],{},[1095,1096,1100],"a",{"href":1097,"rel":1098},"https:\u002F\u002Fwww.postgresql.jp\u002Fdocument\u002Fcurrent\u002Fhtml\u002Flibpq-ssl.html",[1099],"nofollow","PostgreSQL SSL サポート",[831,1102,1103],{},[1095,1104,1107],{"href":1105,"rel":1106},"https:\u002F\u002Fgithub.com\u002Fgolang-migrate\u002Fmigrate",[1099],"golang-migrate",[831,1109,1110],{},[1095,1111,1114],{"href":1112,"rel":1113},"https:\u002F\u002Fgithub.com\u002Flib\u002Fpq",[1099],"pq ドライバー",[1116,1117,1118],"style",{},"html pre.shiki code .sScJk, html code.shiki .sScJk{--shiki-default:#6F42C1;--shiki-dark:#B392F0}html pre.shiki code .sj4cs, html code.shiki .sj4cs{--shiki-default:#005CC5;--shiki-dark:#79B8FF}html pre.shiki code .sZZnC, html code.shiki .sZZnC{--shiki-default:#032F62;--shiki-dark:#9ECBFF}html pre.shiki code .sJ8bj, html code.shiki .sJ8bj{--shiki-default:#6A737D;--shiki-dark:#6A737D}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html pre.shiki code .sVt8B, html code.shiki .sVt8B{--shiki-default:#24292E;--shiki-dark:#E1E4E8}html pre.shiki code .szBVR, html code.shiki .szBVR{--shiki-default:#D73A49;--shiki-dark:#F97583}html pre.shiki code .s9eBZ, html code.shiki .s9eBZ{--shiki-default:#22863A;--shiki-dark:#85E89D}",{"title":23,"searchDepth":49,"depth":49,"links":1120},[1121,1122,1123,1128,1131,1135,1140,1145],{"id":12,"depth":49,"text":12},{"id":116,"depth":49,"text":116},{"id":141,"depth":49,"text":141,"children":1124},[1125,1126,1127],{"id":145,"depth":60,"text":146},{"id":186,"depth":60,"text":187},{"id":268,"depth":60,"text":268},{"id":356,"depth":49,"text":357,"children":1129},[1130],{"id":464,"depth":60,"text":464},{"id":519,"depth":49,"text":519,"children":1132},[1133,1134],{"id":529,"depth":60,"text":530},{"id":785,"depth":60,"text":785},{"id":823,"depth":49,"text":823,"children":1136},[1137,1138,1139],{"id":826,"depth":60,"text":826},{"id":842,"depth":60,"text":843},{"id":865,"depth":60,"text":865},{"id":911,"depth":49,"text":911,"children":1141},[1142,1143,1144],{"id":914,"depth":60,"text":915},{"id":972,"depth":60,"text":973},{"id":993,"depth":60,"text":994},{"id":1048,"depth":49,"text":1048,"children":1146},[1147],{"id":1089,"depth":60,"text":1089},"2022-10-30","golang-migrateでPostgreSQLに接続する際のSSLエラーの原因と、開発環境・本番環境それぞれでの適切な対処方法を解説します。","md",{"tags":1152},[1153,1154,1155],"postgresql","golang","ssl","\u002Fblog\u002Fpostgresql-ssl-connection-error",{"title":5,"description":1149},"blog\u002Fpostgresql-ssl-connection-error","9eIYVTSW6bj_N3n-p0JJYwCPeyF390FGXp3eQQGGl_A",1773664053964]