-
Goal: Secure remote connectivity
-
Steps: Followed steps that are available in the Retool documentation but those settings are nowhere available in my cloud retool; were they meant for stand alone systems? I need the necessary SSL certs and info (attached screen) for connecting securely remote to my retool database.
-
Details: None
-
Screenshots: Need cert. Take a look at the attached screen from DBeaver.
This has been covered before AFAIK... Check out this post
And I just connected to Retool DB on Dbeaver....
Grab the host information and don't use URL as it isn't needed eventhough it is in my screenshot.... Also make sure Dbeaver is up to date.
This is not a secure connection that traffic goes out in the clear and someone can grab the passwords and the data that is being transmitted. I want to secure my traffic with SSH or SSL; I am using DBeaver. Does anyone have a step by step on the ReTool and the DBeaver side? I don't see any options on ReTool DB resource for SSL or SSH I just see the Postgres Connection URL under Retool Database -> Connection.
Thank you for responding. I need to secure the traffic, SSL or SSH, I know how to connect, just need to secure it. The method shown at that post is not secure.
Hi @Keyvan,
To answer your question on setting up SSH/SSL for Retool DB, this would only be possible if you are self-hosting Retool.
As you would have your very own Retool DB(Postgres) instance running on your machine which you could have full control over how it is accessed. If you are self hosted, you could create an SSH bastion.
I believe above you mentioned you are on the cloud, in this case your Retool DB is being hosted and run on our machines, which for security reasons do not allow for individual users to configure unique connection set ups
Just stumbled across the same question i have.
So that means if we connect from our own clients (Datagrip, DBeaver etc.) the data is basically unencrtypted through the internet?
Hi @whynot,
I just checked with out engineers and they told me that "Customers can access their neon Retool DB instances directly by copying the connection string, doing that includes ?sslmode=require
flag so it should be encrypted if flipped to true"