diff --git a/.github/workflows/emailsender-central-compatibility.yaml b/.github/workflows/emailsender-central-compatibility.yaml
index 634827c70..826c5b1da 100644
--- a/.github/workflows/emailsender-central-compatibility.yaml
+++ b/.github/workflows/emailsender-central-compatibility.yaml
@@ -7,11 +7,15 @@ on:
       - main
     paths:
       - 'emailsender/**'
+      - 'scripts/**'
+      - '.github/workflows/emailsender-central-compatibility.yaml'
 
   pull_request:
     types: [opened, synchronize, reopened, ready_for_review]
     paths:
       - 'emailsender/**'
+      - 'scripts/**'
+      - '.github/workflows/emailsender-central-compatibility.yaml'
 
 jobs:
   e2e-test-on-kind:
diff --git a/dp-terraform/helm/rhacs-terraform/templates/emailsender.yaml b/dp-terraform/helm/rhacs-terraform/templates/emailsender.yaml
index c8def1f96..a312d31d8 100644
--- a/dp-terraform/helm/rhacs-terraform/templates/emailsender.yaml
+++ b/dp-terraform/helm/rhacs-terraform/templates/emailsender.yaml
@@ -41,6 +41,8 @@ spec:
               value: "/var/run/certs/tls.crt"
             - name: HTTPS_KEY_FILE
               value: "/var/run/certs/tls.key"
+            - name: DATABASE_SSL_MODE
+              value: {{ .Values.emailsender.db.sslMode }}
             {{- if .Values.emailsender.authConfigFromKubernetes }}
             - name: AUTH_CONFIG_FROM_KUBERNETES
               value: "true"
diff --git a/dp-terraform/helm/rhacs-terraform/values.yaml b/dp-terraform/helm/rhacs-terraform/values.yaml
index 51fc04d9e..99a3fce3c 100644
--- a/dp-terraform/helm/rhacs-terraform/values.yaml
+++ b/dp-terraform/helm/rhacs-terraform/values.yaml
@@ -72,6 +72,8 @@ emailsender:
   enabled: false
   # Use this in case you apply this manifest against a cluster without service-ca operator
   # to turn of HTTPS and mounting the service-ca certs since they'll not be created
+  db:
+    sslMode: "verify-full"
   enableHTTPS: true
   replicas: 3
   image:
diff --git a/scripts/ci/central_compatibility/emailsender-values.yaml b/scripts/ci/central_compatibility/emailsender-values.yaml
index 44ca137dc..69ca4fb9f 100644
--- a/scripts/ci/central_compatibility/emailsender-values.yaml
+++ b/scripts/ci/central_compatibility/emailsender-values.yaml
@@ -9,6 +9,8 @@ fleetshardSync:
     enabled: false
     subnetGroup: "dummyGroup"
 emailsender:
+  db:
+    sslMode: "disable"
   image:
     repo: "quay.io/rhacs-eng/emailsender"
   enabled: true