Hello,

I am currently using app platform with mongodb managed database and I am facing issues while trying to connect on the database from my nodejs component linked to the mongodb managed database.

The issue come from the certificate : I can’t upload it on the app platform component so I need to use the ‘CA_CERT’ database env variable (https://docs.digitalocean.com/products/app-platform/how-to/use-environment-variables/)

While doing this, I am facing a new issue : the env variable is displaying the whole certificate in a bad format (not even a path) and I need to clean it right after and I am literally doing :

// cert formatter which looks really ugly
const cert = env('CA_CERT').replaceAll(' ', '\n').replace('BEGIN\n', 'BEGIN ').replace('END\n', 'END ');

mongoose.connect(url, {
    useNewUrlParser: true,
    useUnifiedTopology: true,
    sslCA: cert
});

with ssl=true instead of tls=true in mongo url.

I am looking for a better solution or an explanation about how should I use the app platform with mongodb managed database which is not shown on docs (https://docs.digitalocean.com/products/databases/mongodb/how-to/connect/).

Also, I appreciate these kind of articles (https://www.digitalocean.com/community/tech_talks/making-a-node-mongodb-app-on-digitalocean) but it is only for a local purpose and with the cert locally downloaded.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hello @aellanglet ,

To begin with, the env variable added is using the direct value instead we recommend you to use the bindable variable. You can update the env variable as follows:

KEYS: DATABASE_HOST
VALUES: ${mymongodb.HOSTNAME}

KEYS: DATABASE_PORT
VALUES: ${mymongodb.PORT}

KEYS: DATABASE_NAME
VALUES: ${mymongodb.DATABASE}

KEYS: DATABASE_USERNAME
VALUES: ${mymongodb.USERNAME}

KEYS: DATABASE_PASSWORD
VALUES: ${mymongodb.PASSWORD}

KEYS: MONGODB_URL
VALUES: ${mymongodb.DATABASE_URL}

You can add the following env variable to pass the SSL CA certificate:

KEYS: MONGODB_CERT_PATH
VALUES: ${mymongodb.CA_CERT}

Regarding the code, I see you are not passing the SSL CA certificate so the database connection is failing for some reason. I would recommend you to update it as follows and check the connection:

module.exports = ({ env }) => ({
  defaultConnection: 'default',
  connections: {
    default: {
      connector: 'mongoose',
      settings: {
        uri: env('DATABASE_URI'),
        srv: env.bool('DATABASE_SRV', true),
        port: env.int('DATABASE_PORT', 27017),
        database: env('DATABASE_NAME'),
      },
      options: {
        authenticationDatabase: env('AUTHENTICATION_DATABASE', null),
        ssl: env.bool('DATABASE_SSL', true),
        sslCA: env('CA_CERT'),
      },
    },
  },
})

Hope this helps! Regarding the documentation, I shall pass this to our team internally.

Cheers,
Sri Charan

edited by kamaln7
  • Hello @smadhavapeddi,

    Thanks for you answer, I really appreciate it !
    Unfortunately, I think we misunderstood each other :
    I am already using the bindable variables explained in the docs.

    The issue come from the CA_CERT bindable variable which is not giving a path but the direct content as a value and that’s why as you may have seen on the sample of code I wrote, I need to clean the value to make it work.

    I tried to setup the bindable var at the App-Level instead of component-level but it change nothing, I get the direct value instead of a path.

    That’s also why I am passing the direct value on the code which work well after “cleaning” it, but as you can see it is really ugly.

    Thanks for your time and consideration !

    • Hello again,

      Sorry for the issue! In order to dig in more, we request you to open a ticket to our customer support team, who can access your account and provide some insights.

      https://www.digitalocean.com/support/

      Cheers,
      Sri Charan

    • Hi @aellanglet,

      This is correct, the bindable variable will contain the contents of the cert. The cert itself is not mounted inside the container, so there isn’t a path that we can pass.

      I’m not sure why you’re getting it in a bad format because the value should contain newlines, maybe the env helper could be modifying it? Try using process.env.CA_CERT directly in case that is the issue.

      Either way, as an alternative you can write the certificate to a file before your app is started.

      Let’s say your run command is npm run start, replace it with the following:

      echo "$CA_CERT" >mongodb.ca.crt
      npm run start
      

      Then, in your code, you can reference the mongodb.ca.crt file. Let us know if that works!