Why Does My OpenLink ODBC Driver Hang When Connecting to PostgreSQL via SSL with Certificate Authentication?

Data Access Drivers & Connectors
1

Hello

I am using the OpenLink ODBC driver to connect to a PostgreSQL 14 instance over SSL; with client certificate authentication enabled . :slightly_smiling_face: The connection works fine without certificates but once I configure sslmode=require & specify sslcert, sslkey, & sslrootcert in the DSN / connection string, the driver hangs indefinitely it doesn’t fail or return an error, it just sits until manually terminated. :innocent:

I have confirmed that the same certificate-based connection string works using other PostgreSQL-native tools like psql & DBeaver. :innocent: Permissions on the certificate and key files are correctly set and the driver logs don’t reveal much other than “starting connection.” :upside_down_face:

This makes me wonder whether the OpenLink driver handles SSL handshakes differently / if it’s expecting additional parameters like sslcompression or custom trust store locations. :thinking:
Checked https://uda.openlinksw.com/odbc/driver/PostgreSQL/ documentation guide for reference. Although my background is mostly in web development & understanding what is javascript, configuring secure database drivers like this has presented an unexpected learning curve.

Is there a known compatibility issue / a special configuration needed when using OpenLink drivers for PostgreSQL with SSL & client certs? :thinking:Any help or working example DSNs from users with similar setups would be greatly appreciated.

Thank you !! :slightly_smiling_face:

2

What is the version of the OpenLink PostgreSQL ODBC Driver being used and on what OS ?

What is the JDBC connect string being passed with DBeaver that is working ?

What does the output of running the query SELECT * FROM pg_stat_ssl LIMIT 1; from the DBeaver connection return ?

I setup a PostgreSQL 15 database with SSL enabled and can connect with the OpenLink Release 9.0 ODBC for macOS, with the sslmode=require method, which does not require the certificate file to be provided to work. Thus please removed the certificate file and attempt the connect without them. The client certificate files are require if using the sslmode=verify_full method.