diff --git a/Cargo.lock b/Cargo.lock
index 43063445..a91ff715 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2635,6 +2635,7 @@ dependencies = [
  "hyper 1.4.1",
  "hyper-util",
  "rustls 0.23.11",
+ "rustls-native-certs",
  "rustls-pki-types",
  "tokio",
  "tokio-rustls",
@@ -4826,6 +4827,7 @@ dependencies = [
  "pin-project-lite",
  "quinn",
  "rustls 0.23.11",
+ "rustls-native-certs",
  "rustls-pemfile 2.1.2",
  "rustls-pki-types",
  "serde",
@@ -5163,6 +5165,19 @@ dependencies = [
  "zeroize",
 ]
 
+[[package]]
+name = "rustls-native-certs"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a88d6d420651b496bdd98684116959239430022a115c1240e6c3993be0b15fba"
+dependencies = [
+ "openssl-probe",
+ "rustls-pemfile 2.1.2",
+ "rustls-pki-types",
+ "schannel",
+ "security-framework",
+]
+
 [[package]]
 name = "rustls-pemfile"
 version = "1.0.4"
@@ -5908,7 +5923,6 @@ dependencies = [
  "indexmap 2.2.6",
  "log",
  "memchr",
- "native-tls",
  "once_cell",
  "paste",
  "percent-encoding",
diff --git a/Cargo.toml b/Cargo.toml
index 7cef3cb4..ad2557b2 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -77,8 +77,6 @@ osv = { version = "0.2.0", default-features = false }
 packageurl = "0.3.0"
 parking_lot = "0.12"
 pem = "3"
-postgresql_archive = "0.14.0"
-postgresql_embedded = "0.14.0"
 prometheus = "0.13.3"
 rand = "0.8.5"                                                        # for testing
 regex = "1.10.3"
@@ -136,6 +134,13 @@ trustify-module-storage = { path = "modules/storage" }
 trustify-module-graphql = { path = "modules/graphql" }
 trustify-test-context = { path = "test-context" }
 
+# These dependencies are active during both the build time and the run time. So they are normal dependencies
+# as well as build-dependencies. However, we can't control feature flags for build dependencies the way we do
+# it for normal dependencies. So enabling the vendor feature for openssl-sys doesn't work for the build-dependencies.
+# This will fail the build on targets where we need vendoring for openssl. Using rustls instead works around this issue.
+postgresql_archive = { version = "0.14.0", default-features = false, features = ["theseus", "rustls-tls"] }
+postgresql_embedded = { version = "0.14.0", default-features = false, features = ["theseus", "rustls-tls"] }
+
 [patch.crates-io]
 #csaf-walker = { git = "https://github.com/ctron/csaf-walker", rev = "7b6e64dd56e4be79e184b053ef754a42e1496fe0" }
 #sbom-walker = { git = "https://github.com/ctron/csaf-walker", rev = "7b6e64dd56e4be79e184b053ef754a42e1496fe0" }