Where should i put a-certificate.crt file?

I had trouble connecting to digitalocean database in node js and was getting errors such as:

Error: self signed certificate in certificate chain.


error: no pg_hba.conf entry for host "x.x.x.x", user "------", database "------", SSL off

but then I added ca-certificate.crt file into my node.js app newly created ssl folder and wrote this

const pg = require('pg')
const fs = require('fs')

const pool = new pg.Pool({
    user: "-----",
    password: "--------",
    host: "-----------",
    port: 25060,
    database: "----",
    ssl: true,
    ssl: {
      ca: fs.readFileSync('../ssl/ca-certificate.crt'),
      rejectUnauthorized: true,

module.exports = pool;

This line fixed all those errors and now I can connect to the database

ca: fs.readFileSync('../ssl/ca-certificate.crt'),

but I feel it’s not very common practice to have ca-certificate.crt file in my app folder so I would like to know how to handle this?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

+1 for this I am running a node app on App Platform and I’m unsure how to get it on the server. Other than putting it in my repo, which, as @beuu said, seems like a bad idea.

The certificates should be put in a folder dedicated to certificates and key files. An example location would be /usr/local/ssl/crt/. All of your certificates need to be in the same folder. Save the changes to the file once you are finished.

Hi there @beuu,

I have not tested this with NodeJS, but I’ve done it with other frameworks and PostgreSQL. What you can do is to add the certificate at:


Then make sure that the file has secure permissions:

  1. chmod 600 ~/.postgresql/root.crt

That way the connection to your PostgreSQL server would default to using that certificate.

Let me know how it goes! Regards, Bobby