diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 00000000..6df9afa6
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1 @@
+pyproject.toml export-subst
diff --git a/CHANGES.md b/CHANGES.md
index 2fba45ed..4d7eb7fa 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,6 +1,12 @@
 # Changelog
 
 ## Unreleased
+- SSL: Added canonical [PostgreSQL client parameter `sslmode`], implementing
+  `sslmode=prefer` to connect to SSL-enabled CrateDB instances without
+  verifying the host name.
+- SSL: Connect using SSL by default
+
+[PostgreSQL client parameter `sslmode`]: https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-PROTECTION
 
 ## 2025/01/30 0.41.0
 - Dependencies: Updated to `crate-2.0.0`, which uses `orjson` for JSON marshalling
diff --git a/pyproject.toml b/pyproject.toml
index 4625cf19..3f6dc4d7 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -84,6 +84,7 @@ dependencies = [
   "backports.zoneinfo<1; python_version<'3.9'",
   "crate>=2,<3",
   "geojson<4,>=2.5",
+  "importlib-metadata; python_version<'3.8'",
   "importlib-resources; python_version<'3.9'",
   "sqlalchemy<2.1,>=1",
   "verlib2<0.3",
@@ -252,8 +253,9 @@ non_interactive = true
 # enable_recursive_aliases = true
 
 [tool.versioningit.vcs]
-method = "git"
+method = "git-archive"
 default-tag = "0.0.0"
+describe-subst = "$Format:%(describe:tags)$"
 
 # ===================
 # Tasks configuration
diff --git a/src/sqlalchemy_cratedb/__init__.py b/src/sqlalchemy_cratedb/__init__.py
index 41cbf381..502816be 100644
--- a/src/sqlalchemy_cratedb/__init__.py
+++ b/src/sqlalchemy_cratedb/__init__.py
@@ -52,7 +52,22 @@
     monkeypatch_add_exec_driver_sql()
 
 
+try:
+    from importlib.metadata import PackageNotFoundError, version
+except (ImportError, ModuleNotFoundError):  # pragma:nocover
+    from importlib_metadata import (  # type: ignore[assignment,no-redef,unused-ignore]
+        PackageNotFoundError,
+        version,
+    )
+
+try:
+    __version__ = version("sqlalchemy-cratedb")
+except PackageNotFoundError:  # pragma: no cover
+    __version__ = "unknown"
+
+
 __all__ = [
+    __version__,
     dialect,
     FloatVector,
     Geopoint,
diff --git a/src/sqlalchemy_cratedb/dialect.py b/src/sqlalchemy_cratedb/dialect.py
index 90102a78..bfc77a57 100644
--- a/src/sqlalchemy_cratedb/dialect.py
+++ b/src/sqlalchemy_cratedb/dialect.py
@@ -227,9 +227,12 @@ def connect(self, host=None, port=None, *args, **kwargs):
             server = kwargs.pop("servers")
         servers = to_list(server)
         if servers:
-            use_ssl = asbool(kwargs.pop("ssl", False))
-            if use_ssl:
+            use_ssl = asbool(kwargs.pop("ssl", True))
+            sslmode = kwargs.pop("sslmode", "prefer")
+            if use_ssl or sslmode in ["allow", "prefer", "require", "verify-ca", "verify-full"]:
                 servers = ["https://" + server for server in servers]
+            if sslmode == "require":
+                kwargs["verify_ssl_cert"] = False
             return self.dbapi.connect(servers=servers, **kwargs)
         return self.dbapi.connect(**kwargs)