Error: self signed certificate in certificate

My app cannot connect to the managed database instance I just created because of the following error:

[2022-01-05 11:20:18] yarn run v1.22.17
[2022-01-05 11:20:18] $ NODE_ENV=production node build/server.js
[2022-01-05 11:20:21] > App started http://localhost:3000
[2022-01-05 11:20:21] node:internal/process/promises:246
[2022-01-05 11:20:21]           triggerUncaughtException(err, true /* fromPromise */);
[2022-01-05 11:20:21]           ^
[2022-01-05 11:20:21] 
[2022-01-05 11:20:21] Error: self signed certificate in certificate chain
[2022-01-05 11:20:21]     at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)
[2022-01-05 11:20:21]     at TLSSocket.emit (node:events:390:28)
[2022-01-05 11:20:21]     at TLSSocket._finishInit (node:_tls_wrap:944:8)
[2022-01-05 11:20:21]     at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {
[2022-01-05 11:20:21]   code: 'SELF_SIGNED_CERT_IN_CHAIN'
[2022-01-05 11:20:21] }
[2022-01-05 11:20:21] error Command failed with exit code 1.
[2022-01-05 11:20:21] info Visit for documentation about this command.

Inspired by:

This is how I configured my connection:

    connection: {
      connectionString: DATABASE_URL,
      ssl: {
        ca: fs.readFileSync(CA_CERT).toString(),

I don’t want to set rejectUnauthorized: false, I want to use the certificate you provide.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hi @akoskm,

I might be wrong but I think since it’s a self-signed certificate can’t be trusted as it’s not verified. (untrusted = not verified by a certificate authority)

I would not recommend setting this environment variable rejectUnauthorized: false in production as your application would not be trusted by users.

I think you can use free Let’s Encrypt certificates for this purpose as well.

Here is a similar question here: