diff --git a/Geekbot.net/Database/DatabaseInitializer.cs b/Geekbot.net/Database/DatabaseInitializer.cs
index 582327f..637e7b8 100644
--- a/Geekbot.net/Database/DatabaseInitializer.cs
+++ b/Geekbot.net/Database/DatabaseInitializer.cs
@@ -35,7 +35,9 @@ namespace Geekbot.net.Database
                         Port = _runParameters.DbPort,
                         Database = _runParameters.DbDatabase,
                         Username = _runParameters.DbUser,
-                        Password = _runParameters.DbPassword
+                        Password = _runParameters.DbPassword,
+                        RequireSsl = _runParameters.DbSsl,
+                        TrustServerCertificate = _runParameters.DbTrustCert
                     });
                 }
             }
diff --git a/Geekbot.net/Database/SqlConnectionString.cs b/Geekbot.net/Database/SqlConnectionString.cs
index 3228a05..70346eb 100644
--- a/Geekbot.net/Database/SqlConnectionString.cs
+++ b/Geekbot.net/Database/SqlConnectionString.cs
@@ -7,10 +7,13 @@
         public string Database { get; set; }
         public string Username { get; set; }
         public string Password { get; set; }
+        public bool RequireSsl { get; set; }
+        public bool TrustServerCertificate { get; set; }
 
         public override string ToString()
         {
-            return $"Server={Host};Port={Port};Database={Database};Uid={Username};Pwd={Password};";
+            var sslMode = RequireSsl ? "Require" : "Prefer";
+            return $"ApplicationName=Geekbot;Server={Host};Port={Port};Database={Database};Uid={Username};Pwd={Password};SSLMode={sslMode};TrustServerCertificate={TrustServerCertificate.ToString()};";
         }
     }
 }
\ No newline at end of file
diff --git a/Geekbot.net/Lib/RunParameters.cs b/Geekbot.net/Lib/RunParameters.cs
index 1ddbd46..8ebed67 100644
--- a/Geekbot.net/Lib/RunParameters.cs
+++ b/Geekbot.net/Lib/RunParameters.cs
@@ -43,6 +43,12 @@ namespace Geekbot.net.Lib
 
         [Option("db-password", HelpText = "Set a posgresql password (default: empty) (env: DB_PASSWORD)")]
         public string DbPassword { get; set; } = ParamFallback("DB_PASSWORD", "");
+
+        [Option("db-require-ssl", HelpText = "Require SSL to connect to the database (default: false) (env: DB_REQUIRE_SSL)")]
+        public bool DbSsl { get; set; } = ParamFallback("DB_REQUIRE_SSL", false);
+        
+        [Option("db-trust-cert", HelpText = "Trust the database certificate, regardless if it is valid (default: false) (env: DB_TRUST_CERT)")]
+        public bool DbTrustCert { get; set; } = ParamFallback("DB_TRUST_CERT", false);
         
         // Logging
         [Option("db-logging", HelpText = "Enable database logging (default: false) (env: DB_LOGGING)")]