Menu
This is my first time using NestJS and I am having trouble connecting my Postgres database which is hosted on Digitalocean to NestJS.
I searched online for solutions and tried adding "ssl": "true" or "extra": { "ssl": "true" }
Heres my ormconfig.json
{
"type": "postgres",
"host": "host",
"port": "port",
"username": "username",
"password": "password",
"database": "database",
"extra": {
"ssl": "true"
},
"synchronize": "true",
"logging": "true",
"entities": ["src/**/*.entity.ts", "dist/**/*.entity.js"]
}
I expect it to connect to the server. The error I'm getting is [TypeOrmModule] Unable to connect to the database. error: no pg_hba.conf entry for host "", user "", database "", SSL off
239
1 Define TypeORM environment variables. DATABASE_URL is the name of the default environment variable (or “config var” as heroku likes to call it) that contains the full database connection string. 2 Enable SSL. ... 3 Allow self-signed certificates. ... 4 Prevent overrides from the node TLS core module. ...
To encrypt a connection from SQL Server Management Studio: 1 On the Object Explorer toolbar, click Connect, and then click Database Engine. 2 In the Connect to Server dialog box, complete the connection information, and then click Options. 3 On the Connection Properties tab, click Encrypt connection. More ...
Now, this is a painful point… the node stack itself forbids SSL connections encrypted with self-signed certificates and it overrides the behaviour of any library since it comes from the core modules. It is possible to allow them by setting NODE_TLS_REJECT_UNAUTHORIZED="0", but I would rather not.
But I was using the url parameter in the typeorm config, and the url from DO contains sslmode=require at the end. It turns out that the sslmode parmeter in the url overwrites the ssl-parameter in config, s o the ca parameter was never set. See: node-postgres.com/features/ssl But what's actually stored in that SSL_CERT environment variable??
If anyone has the same issue, I fixed it by adding a field for ssl and setting my ca certificate that I got from Digital Ocean. Heres what my ormconfig looks like:
module.exports = {
name: 'default',
type: 'postgres',
host: 'host',
port: port,
username: 'username',
password: 'password',
database: 'database',
synchronize: true,
dropSchema: false,
logging: true,
ssl: {
ca: process.env.SSL_CERT,
},
entities: ['src/**/*.entity.ts', 'dist/**/*.entity.js'],
};
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With