Postgres: Add option to allow invalid certificates

connector-mango/example-config.toml

@@ -16,3 +16,4 @@ retry_query_max_count = 3
 retry_query_sleep_secs = 5
 retry_connection_sleep_secs = 30
 fatal_connection_timeout_secs = 600
+allow_invalid_certs = false

connector-raw/example-config.toml

@@ -16,3 +16,4 @@ retry_query_max_count = 3
 retry_query_sleep_secs = 5
 retry_connection_sleep_secs = 30
 fatal_connection_timeout_secs = 600
+allow_invalid_certs = false

lib/src/lib.rs

@@ -78,6 +78,8 @@ pub struct PostgresConfig {
     pub retry_connection_sleep_secs: u64,
     /// Fatal error when the connection can't be reestablished this long
     pub fatal_connection_timeout_secs: u64,
+    /// Allow invalid TLS certificates, passed to native_tls danger_accept_invalid_certs
+    pub allow_invalid_certs: bool,
 }
 
 #[derive(Clone, Debug, Deserialize)]

lib/src/postgres_target.rs

@@ -14,7 +14,11 @@ async fn postgres_connection(
 ) -> anyhow::Result<async_channel::Receiver<Option<tokio_postgres::Client>>> {
     let (tx, rx) = async_channel::unbounded();
 
-    let tls = MakeTlsConnector::new(TlsConnector::new()?);
+    let tls = MakeTlsConnector::new(
+        TlsConnector::builder()
+            .danger_accept_invalid_certs(config.allow_invalid_certs)
+            .build()?,
+    );
 
     let config = config.clone();
     let mut initial = Some(tokio_postgres::connect(&config.connection_string, tls.clone()).await?);