diff --git a/charts/nebraska/README.md b/charts/nebraska/README.md
index 24fbcc250..965dea6c4 100644
--- a/charts/nebraska/README.md
+++ b/charts/nebraska/README.md
@@ -99,6 +99,7 @@ $ helm install my-nebraska nebraska/nebraska
 | `config.auth.oidc.sessionCryptKey`                    | Session key used for encrypting sessions in cookies to store OIDC info, will be generated if none is passed | `nil`                                    |
 | `config.database.host`                                | The host name of the database server                                                                                                 | `""` (use postgresql from Bitnami subchart)                             |
 | `config.database.port`                                | The port number the database server is listening on                                                                                  | `5432`                                                                  |
+| `config.database.sslMode`                             | The mode of the database connection                                                                                                  | `disable`                                                               |
 | `config.database.dbname`                              | The database name                                                                                                                    | `{{ .Values.postgresql.auth.database }}` (evaluated as a template)      |
 | `config.database.username`                            | PostgreSQL user                                                                                                                      | `{{ .Values.postgresql.postgresqlUsername }}` (evaluated as a template)                                    |
 | `config.database.password`                            | PostgreSQL user password                                                                                                             | `""` (evaluated as a template)                                          |
diff --git a/charts/nebraska/templates/deployment.yaml b/charts/nebraska/templates/deployment.yaml
index a3c31b202..6fb48a5ce 100644
--- a/charts/nebraska/templates/deployment.yaml
+++ b/charts/nebraska/templates/deployment.yaml
@@ -1,6 +1,7 @@
 {{- $db := ( tpl .Values.config.database.dbname . ) }}
 {{- $host := .Values.config.database.host | default (include "nebraska.postgresql.fullname" .) }}
 {{- $port := .Values.config.database.port | toString }}
+{{- $sslMode := .Values.config.database.sslMode | default "disable" }}
 {{- $user := ( tpl .Values.config.database.username . ) }}
 apiVersion: apps/v1
 kind: Deployment
@@ -137,7 +138,7 @@ spec:
                   key: dbPassword
                   {{- end }}
             - name: NEBRASKA_DB_URL
-              value: {{ printf "postgres://%s:$(DB_PASSWORD)@%s:%s/%s?sslmode=disable&connect_timeout=10" $user $host $port $db | quote }}
+              value: {{ printf "postgres://%s:$(DB_PASSWORD)@%s:%s/%s?sslmode=%s&connect_timeout=10" $user $host $port $db $sslMode | quote }}
             {{- if eq .Values.config.auth.mode "github" }}
             - name: "NEBRASKA_GITHUB_OAUTH_CLIENT_ID"
               value: "{{ .Values.config.auth.github.clientID }}"
diff --git a/charts/nebraska/values.yaml b/charts/nebraska/values.yaml
index a50d60fea..5fc60b09d 100644
--- a/charts/nebraska/values.yaml
+++ b/charts/nebraska/values.yaml
@@ -73,6 +73,7 @@ config:
     dbname: '{{ .Values.postgresql.auth.database }}'
     username: '{{ .Values.postgresql.auth.username }}'
     password: ""
+    sslMode: ""
     passwordExistingSecret:
       enabled: true
       name: '{{ .Release.Name }}-postgresql'