I am using pgocaml with eliom over the cloud, securing connections between eliom applicative server and postgresql server with ssl. I would like to require that the client (eliom side) checks the database certificate, in order to prevent the man in the middle attack. It is usally done adding parameter sslmode=verify-full to psql client, like this:
psql -h db-host.com -p 5432 \ "dbname=name user=user sslrootcert=ca-2020-root.pem sslmode=verify-full"
How can I achieve this with pgocaml / eliom / ocsigenserver ? I did not find it in the docs, I hope this is possible.
Have a good day !