Issue
When upgrading from to version 8.x
of the node module pg
, an error will occur that mentions self signed certificates. It will look something like this:
2020-04-01T21:04:18.128008+00:00 app[web.1]: Error: self signed certificate
2020-04-01T21:04:18.128018+00:00 app[web.1]: at TLSSocket.onConnectSecure (_tls_wrap.js:1473:34)
2020-04-01T21:04:18.128020+00:00 app[web.1]: at TLSSocket.emit (events.js:311:20)
2020-04-01T21:04:18.128020+00:00 app[web.1]: at TLSSocket._finishInit (_tls_wrap.js:916:8)
2020-04-01T21:04:18.128021+00:00 app[web.1]: at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:686:12) {
2020-04-01T21:04:18.128021+00:00 app[web.1]: code: 'DEPTH_ZERO_SELF_SIGNED_CERT'
2020-04-01T21:04:18.128022+00:00 app[web.1]: }
A change was made to pg
in version 8 that has made the defaults more secure, but unfortunately broken connecting to a Heroku database. This is explained here: https://node-postgres.com/announcements#2020-02-25
Resolution
Depending on the setup, the pg
config will need to set the rejectUnauthorized
value to false
. This can be done 1 of 2 ways:
Solution 1
Setting up the ssl
settings from Pool
params.
const { Pool } = require('pg');
const pool = new Pool({
connectionString: process.env.DATABASE_URL,
ssl: {
rejectUnauthorized: false
}
});
Solution 2
Setting up configuration with pg-connection-string
.
const { Pool } = require('pg');
const { parse } = require('pg-connection-string')
const config = parse(process.env.DATABASE_URL)
config.ssl = {
rejectUnauthorized: false
}
const pool = new Pool(config)