DigitalOcean

Report this

What is the reason for this report?
Question

Connecting to Managed Postgres Database / what should I do with .crt file?

Posted on July 28, 2020
DigitalOcean Managed PostgreSQL Database
Node.js
mokey

By mokey

I’m in the process of switching over to a managed Postgres database. I’m using the node-postgres library and I was able to connect to the managed db from my node app using this code:

const pool = new Pool({
  ssl: {
    rejectUnauthorized: false
  }
});

I assume having ‘rejectUnauthorized: false’ isn’t a best practice for keeping my database secure. I see that there is a .crt file that I can download from the managed postgres admin page. Am I supposed to do something with this file in order to get my node app to connect to the database without having to set rejectUnauthorised to false?

Also of note, I am running Ubuntu 20.04 on my server. Without the above code, I get this error in the terminal:

(node:8863) UnhandledPromiseRejectionWarning: Error: self signed certificate in certificate chain
    at TLSSocket.onConnectSecure (_tls_wrap.js:1501:34)
    at TLSSocket.emit (events.js:315:20)
    at TLSSocket._finishInit (_tls_wrap.js:936:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:710:12)

Any advice would be greatly appreciated.



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Kalimetric
Kalimetric
September 8, 2020

This comment has been deleted

0
Priyanka Malik
Priyanka MalikDigitalOcean Employee badge
October 21, 2021

Hello,

To use the ca-certificate file, You will need to download the ca-certificate from the cloud UI and place it the file path referenced in your code.

When you configure your client applications, you can use the certificate’s location on your local system. Each client application is configured differently, so check the documentation for the tool you’re using for more detail on setting up SSL connections.

Hope that this helps. Regards, Priyanka

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2026 DigitalOcean, LLC.Sitemap.