Sometimes we want to connect to a PostgreSQL database through SSL/TLS, but the database's CA Certificate aren't trusted by the computer. This is the case with DigitalOcean's Managed Database offerings. There are a couple different ways to solve this. First, you can simply use sslmode=require to skip verification; however, this opens the application up to man-in-the-middle attacks, as it can't verify the server's identity. The second way is to verify the root certificate ourselves by hooking one of Npgsql's callbacks.