How to force Grafana Cloud server to use ssl client certs when making postgres connection

I am trying to migrate from a local grafana server instance running on my laptop, to a Grafana Cloud server instance.

My (remote) postgres server requires that clients connect with ssl certs, not username/password. On my local Grafana server, I set sslmode = ‘require’, and pass the paths to my client ssl cert and key in env variables or .ini file. Grafana has no difficulty connecting and making queries to my postgres db.

HOWEVER, when I set up my Grafana Cloud instance, I know of no way to pass the Grafana Cloud server instance my client ssl cert and key. So when I attempt to configure postgres, I receive the following error:
‘pq: connection requires a valid client certificate’

Is there a mechanism for doing this? Any help would be appreciated.

Thanks,
Scott

Just out of curiosity what env variables and what .ini configuration did you have set to connect to your psql instance?

I have the same question. I have a Postgres Cloud SQL instance running i Google Cloud, it requires clients to connect using SSL.

Connections are working from Intellij by supplying these properties:

ssl: true
sslmode: require
sslcert: .../client-cert.pem
sslkey: .../client-key.pk8
sslrootcert: .../server-ca.pem

In my hosted Grafana server config I can find where to specify sslmode but I cannot find where to specify sslcert, sslkey and sslrootcert.

(BTW, I had to convert the private key in order to make it work: openssl pkcs8 -topk8 -inform PEM -outform DER -in client-cert.pem -out client-cert.pk8 -nocrypt)

I recently came across the following two links:

https://grafana.com/docs/administration/provisioning/

Hasn’t helped just yet. However, it should give you an understanding on how to apply the ssl certs to the datasource configuration.