Error: self signed certificate in certificate chain
Hello, I am a new user of drizzle and trying to run the command for the first time:
But I got this error
I am connecting drizzle to my Supabase instance, and my config file is like this
I have already enabled ssl, why does this happen and how to resolve this?
21 Replies
Related to https://github.com/drizzle-team/drizzle-orm/issues/831#issue-1781522128
Even I am trying to find how to connect to Remote Postgres (Encrypted), from localhost using Drizzle
GitHub
[BUG]:
dbCredentials.ssl
is not working while introspecting · Iss...What version of drizzle-orm are you using? 0.27.0 What version of drizzle-kit are you using? 0.19.2 Describe the Bug The ssl option is not working while running introspect, // drizzle.config.ts exp...
So it’s not a drizzle problem?
Also having this issue...
Hello I'm a Supabase user too
Works great. Any reason you don't use the connection string?
I tried using connection string too but it asks for SSL. I guess your supabase db doesnt require SSL connection?
Will see asap, it is not a fresh db, maybe something in my config 🤔
true, it is disabled on my project
So it doesnt require you to connect with SSL?
Nope, no need.
So connection string doesnt work for me either, even after I turned off SSL. I got the same error.
maybe try to restart your db (from supabase dashboard).
I know support is really fast qnd helpful if you still encounter this issue.
I have tried restarting the db, how to get their support? I thought the discord channel here is the support
I mean Supabase support. Maybe they can help you looking at your project configuration.
I've never used supabase, but a quick google told me it is possible to disable SSL enforcement in your database through the CLI
Ideally you use SSL, to do so you would download the root certificate for your database following these instructions https://supabase.com/docs/guides/database/connecting-to-postgres#connecting-with-ssl
You then need to configure nodejs to either pick up that root certificate, or configure your connection to pick it up. Last I checked, drizzle-kit doesn't support that
You can either configure a path for nodejs to look for extra certificates to use for SSL verification https://nodejs.org/api/cli.html#node_extra_ca_certsfile
Or configure it on your database connection (the preferred approach)
Connecting to your database | Supabase Docs
Explore the options for connecting to your Postgres database.
Thanks for your detailed info! Can you elaborate on this part
Because in the drizzle kit type definition,
ssl
only accepts a boolean value. How can you pass a string to a boolean field?I think it is not possible right now.
I have tested too, enabling ssl: same issue.
Disabling SSL on supabase dashboard and drizzle kit works again.
To track this I have created an issue on drizzle-kit: https://github.com/drizzle-team/drizzle-kit-mirror/issues/157
Taking that
and related issue as well
i think drizzle accepts ssl as tls object. I set to false for testing.
I was able to resolve "self sign" error by providing certificate from aws doc site.
1) downloaded "Certificate bundles for all AWS Regions" (you can download for single region as well).
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html 2) change client to force SSL 3) run You can store pem in any folder and refer it in above statement.
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html 2) change client to force SSL 3) run You can store pem in any folder and refer it in above statement.
it works on rds with postgres?