I’m in the process of switching over to a managed Postgres database. I’m using the node-postgres library and I was able to connect to the managed db from my node app using this code:

const pool = new Pool({
  ssl: {
    rejectUnauthorized: false
  }
});

I assume having ‘rejectUnauthorized: false’ isn’t a best practice for keeping my database secure. I see that there is a .crt file that I can download from the managed postgres admin page. Am I supposed to do something with this file in order to get my node app to connect to the database without having to set rejectUnauthorised to false?

Also of note, I am running Ubuntu 20.04 on my server. Without the above code, I get this error in the terminal:

(node:8863) UnhandledPromiseRejectionWarning: Error: self signed certificate in certificate chain
    at TLSSocket.onConnectSecure (_tls_wrap.js:1501:34)
    at TLSSocket.emit (events.js:315:20)
    at TLSSocket._finishInit (_tls_wrap.js:936:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:710:12)

Any advice would be greatly appreciated.