I have an Express.js app trying to connect to a managed Postgres db. However the connection fails with the following cert error:
ERROR (16): Database connection failed
err: {
"type": "Error",
"message": "self-signed certificate in certificate chain",
"stack":
Error: self-signed certificate in certificate chain
at TLSSocket.onConnectSecure (node:_tls_wrap:1677:34)
at TLSSocket.emit (node:events:519:28)
at TLSSocket._finishInit (node:_tls_wrap:1076:8)
at ssl.onhandshakedone (node:_tls_wrap:862:12)
"code": "SELF_SIGNED_CERT_IN_CHAIN"
}
After some searching it looks like I need to pass in the db’s cert when configuring the connection:
export const db = pgp({
connectionString: DB_CONNECTION_STR,
connect_timeout: 15000, // 15 seconds
ssl: {
rejectUnauthorized: true,
ca: process.env.CA_CERT,
},
});
I also created an environment variable that mapped the value of ${<my-db-name>.CA_CERT} to CA_CERT as described in this article: https://docs.digitalocean.com/products/app-platform/how-to/use-environment-variables/#databases
I replaced <my-db-name> with the name of my managed Postgres instance. When creating the db, I just went with the autogenerated name. This is not my actual db’s name, but it has the same format: db-postgresql-sfo-1000
However, I can’t get the value of the ${db-postgresql-sfo-1000.CA_CERT} expression to evaluate to the correct value. When I write process.env.CA_CERT out to console log I get back the string ‘${db-postgresql-sfo-1000.CA_CERT}’. My guess is that the db name part of the value is not correct. The autogenerated name has hyphens so I tried underscores, but that didn’t help. How can I find what the right value for the ${<my-db-name>.CA_CERT} expression is that I should use?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Hi there,
Are you doing this during the build process or during the run stage?
Keep in mind that Database values are not available during build time but are available at runtime as mentioned here in the docs:
If this is not the case, there has been a similar discussion here about the same use-case:
The solution that the user mentioned was to switch to using
Pool
frompg
:Let me know how it goes!
- Bobby