diff --git a/CHANGELOG.md b/CHANGELOG.md
index f7f3394d..d67d1e34 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,11 +2,12 @@
 
 ## 0.18.x (2022-xx-xx)
 
-- Added an OIDC AllowGroups Configuration options and authorization check [#1041](https://github.com/juanfont/headscale/pull/1041)
-- Reworked routing and added support for subnet router failover [#1024](https://github.com/juanfont/headscale/pull/1024)
-
 ### Changes
 
+- Reworked routing and added support for subnet router failover [#1024](https://github.com/juanfont/headscale/pull/1024)
+- Added an OIDC AllowGroups Configuration options and authorization check [#1041](https://github.com/juanfont/headscale/pull/1041)
+- Set `db_ssl` to false by default [#1052](https://github.com/juanfont/headscale/pull/1052)
+
 ## 0.17.1 (2022-12-05)
 
 ### Changes
diff --git a/config.go b/config.go
index 233dfe4a..6c975d1e 100644
--- a/config.go
+++ b/config.go
@@ -172,6 +172,8 @@ func LoadConfig(path string, isFile bool) error {
 	viper.SetDefault("cli.timeout", "5s")
 	viper.SetDefault("cli.insecure", false)
 
+	viper.SetDefault("db_ssl", false)
+
 	viper.SetDefault("oidc.scope", []string{oidc.ScopeOpenID, "profile", "email"})
 	viper.SetDefault("oidc.strip_email_domain", true)
 	viper.SetDefault("oidc.only_start_if_oidc_is_available", true)
diff --git a/integration_test/etc/alt-config.dump.gold.yaml b/integration_test/etc/alt-config.dump.gold.yaml
index c40dc6ef..6a51d904 100644
--- a/integration_test/etc/alt-config.dump.gold.yaml
+++ b/integration_test/etc/alt-config.dump.gold.yaml
@@ -3,6 +3,7 @@ cli:
   insecure: false
   timeout: 5s
 db_path: /tmp/integration_test_db.sqlite3
+db_ssl: false
 db_type: sqlite3
 derp:
   auto_update_enabled: false
diff --git a/integration_test/etc/alt-config.yaml b/integration_test/etc/alt-config.yaml
index df776ea3..55567861 100644
--- a/integration_test/etc/alt-config.yaml
+++ b/integration_test/etc/alt-config.yaml
@@ -16,6 +16,7 @@ dns_config:
     - 127.0.0.11
     - 1.1.1.1
 db_path: /tmp/integration_test_db.sqlite3
+db_ssl: false
 private_key_path: private.key
 noise:
   private_key_path: noise_private.key
diff --git a/integration_test/etc/alt-env-config.dump.gold.yaml b/integration_test/etc/alt-env-config.dump.gold.yaml
index b004e01c..908b6326 100644
--- a/integration_test/etc/alt-env-config.dump.gold.yaml
+++ b/integration_test/etc/alt-env-config.dump.gold.yaml
@@ -3,6 +3,7 @@ cli:
   insecure: false
   timeout: 5s
 db_path: /tmp/integration_test_db.sqlite3
+db_ssl: false
 db_type: sqlite3
 derp:
   auto_update_enabled: false
diff --git a/integration_test/etc/alt-env-config.yaml b/integration_test/etc/alt-env-config.yaml
index 392be6ab..2410ca64 100644
--- a/integration_test/etc/alt-env-config.yaml
+++ b/integration_test/etc/alt-env-config.yaml
@@ -15,6 +15,7 @@ dns_config:
   nameservers:
     - 1.1.1.1
 db_path: /tmp/integration_test_db.sqlite3
+db_ssl: false
 private_key_path: private.key
 noise:
   private_key_path: noise_private.key
diff --git a/integration_test/etc/config.dump.gold.yaml b/integration_test/etc/config.dump.gold.yaml
index d64e833a..2e9675f7 100644
--- a/integration_test/etc/config.dump.gold.yaml
+++ b/integration_test/etc/config.dump.gold.yaml
@@ -3,6 +3,7 @@ cli:
   insecure: false
   timeout: 5s
 db_path: /tmp/integration_test_db.sqlite3
+db_ssl: false
 db_type: sqlite3
 derp:
   auto_update_enabled: false