Connecting to the Database (Using SSL)

When you use psycopy2 to connect to the GaussDB Kernel server, you can enable SSL to encrypt the communication between the client and server. To enable SSL, you must have the server certificate, client certificate, and private key files. For details on how to obtain these files, see related documents and commands of OpenSSL.

Use the .ini file (the configparser package of Python can parse this type of configuration file) to save the configuration information about the database connection.
The file content is as follows:
```
[opengauss]  
host=localhost
database=postgres  
user=omm
password=test
```
Add SSL connection parameters sslmode, sslcert, sslkey, and sslrootcert to the connection options. a. sslmode: Table 1 b. sslcert: client certificate path c. sslkey: client key path d. sslrootcert: root certificate path

Use the psycopg2.connect function to obtain the connection object.

from configparser import ConfigParser
import psycopg2
parser = ConfigParser()
parser.read('database.ini')
parameters = dict()
for parameter, value in parser.items('opengauss'):
    parameters[parameter] = value
connection = psycopg2.connect(**parameters)

Use the connection object to create a cursor object.
```
cursor = connection.cursor()
```

Table 1 sslmode options

sslmode	Whether SSL Encryption Is Enabled	Description
disable	No	SSL connection is not enabled.
allow	Possible	If the database server requires SSL connection, SSL connection can be enabled. However, authenticity of the database server will not be verified.
prefer	Possible	If the database supports SSL connection, SSL connection is preferred. However, authenticity of the database server will not be verified.
require	Yes	SSL connection is required and data is encrypted. However, authenticity of the database server will not be verified.
verify-ca	Yes	The SSL connection must be enabled.
verify-full	Yes	The SSL connection must be enabled. Currently, the SSL connection is not supported.