TLS/SSL is used to provide communication security (privacy, integrity and authenticity). When you set `OpenSSL::SSL::VERIFY_NONE` you sacrifice authenticity – that is, you cannot be sure that you are actually talking to the database you intend to. `VERIFY_NONE` should only be used in the rare cases where authentic identities are not available, not recommended generally for connection management.

bpo committed Apr 12, 2022

Updated Connection Management (markdown)

casperisfine committed Apr 6, 2022

Updated Connection Management (markdown)

bf4 committed Apr 5, 2022

Created Connection Management (markdown)

bf4 committed Apr 5, 2022