diff --git a/docker-compose.yml b/docker-compose.yml
index bbe31759..20f5e1be 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -23,6 +23,14 @@ services:
       - TRUST_PROXY=0
       - DATABASE_URL=postgresql://postgres@postgres/planka
       - SECRET_KEY=notsecretkey
+
+      # related: https://github.com/knex/knex/issues/2354
+      # As knex does not pass query parameters from the connection string we
+      # have to use environment variables in order to pass the desired values, e.g.
+      # - PGSSLMODE=<value>
+
+      # Configure knex to accept SSL certificates
+      # - KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE=false
     depends_on:
       - postgres
 
diff --git a/server/.env.sample b/server/.env.sample
index b9b6f2e9..9024a6b5 100644
--- a/server/.env.sample
+++ b/server/.env.sample
@@ -9,6 +9,14 @@ SECRET_KEY=notsecretkey
 # TRUST_PROXY=0
 # TOKEN_EXPIRES_IN=365 # In days
 
+# related: https://github.com/knex/knex/issues/2354
+# As knex does not pass query parameters from the connection string we
+# have to use environment variables in order to pass the desired values, e.g.
+# PGSSLMODE=<value>
+
+# Configure knex to accept SSL certificates
+# KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE=false
+
 ## Do not edit this
 
 TZ=UTC
diff --git a/server/db/knexfile.js b/server/db/knexfile.js
index ef294733..fdd4a7e8 100755
--- a/server/db/knexfile.js
+++ b/server/db/knexfile.js
@@ -6,9 +6,22 @@ dotenv.config({
   path: path.resolve(__dirname, '../.env'),
 });
 
+function buildSSLConfig() {
+  if (process.env.KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE === 'false') {
+    return {
+      rejectUnauthorized: false,
+    };
+  }
+
+  return false;
+}
+
 module.exports = {
   client: 'pg',
-  connection: process.env.DATABASE_URL,
+  connection: {
+    connectionString: process.env.DATABASE_URL,
+    ssl: buildSSLConfig(),
+  },
   migrations: {
     tableName: 'migration',
     directory: path.join(__dirname, 'migrations'),