Supabase + Drizzle + Nuxt 3 + Node - SSL 'SELF_SIGNED_CERT_IN_CHAIN' and drizzle-kit studio issues

Hi everyone ๐Ÿ‘‹ I'm new to drizzle, and fairly new to supabase but have it up and running and fetching data ok. SSL issue As my project grows, I wanted to try drizzle to have a better dx and how I handle database now. I'm using Supabase with Nuxt 3 and Node and not off to a great start, I see code: 'SELF_SIGNED_CERT_IN_CHAIN' error. Here's my configuration
// drizzle.config.ts

import 'dotenv/config';

import { defineConfig } from 'drizzle-kit';

export default defineConfig({
schema: './server/db/schema.ts',
out: './server/supabase/migrations',
dialect: 'postgresql',
dbCredentials: {
url: process.env.DATABASE_URL!,
},
});
// drizzle.config.ts

import 'dotenv/config';

import { defineConfig } from 'drizzle-kit';

export default defineConfig({
schema: './server/db/schema.ts',
out: './server/supabase/migrations',
dialect: 'postgresql',
dbCredentials: {
url: process.env.DATABASE_URL!,
},
});
//db.ts

import 'dotenv/config';

import { drizzle } from 'drizzle-orm/postgres-js';
import postgres from 'postgres';

const connectionString = process.env.DATABASE_URL as string;

export const client = postgres(connectionString, { prepare: false });
export const db = drizzle(client);
//db.ts

import 'dotenv/config';

import { drizzle } from 'drizzle-orm/postgres-js';
import postgres from 'postgres';

const connectionString = process.env.DATABASE_URL as string;

export const client = postgres(connectionString, { prepare: false });
export const db = drizzle(client);
# .env file

SUPABASE_URL="mysupabaseurl"
SUPABASE_KEY="mysupabasekey"

DATABASE_URL="postgres://postgres.[YOUR-USERNAME]:[YOUR-PASSWORD]@aws-0-eu-west-2.pooler.supabase.com:6543/postgres?sslmode=no-verify"

NODE_EXTRA_CA_CERTS="./server/certs/prod-ca-2021.crt"
# .env file

SUPABASE_URL="mysupabaseurl"
SUPABASE_KEY="mysupabasekey"

DATABASE_URL="postgres://postgres.[YOUR-USERNAME]:[YOUR-PASSWORD]@aws-0-eu-west-2.pooler.supabase.com:6543/postgres?sslmode=no-verify"

NODE_EXTRA_CA_CERTS="./server/certs/prod-ca-2021.crt"
I've looked and tried solutions from the links below to no avail: https://github.com/drizzle-team/drizzle-orm/discussions/881 https://github.com/orgs/supabase/discussions/18710 In Supabase I have Enforce SSL on incoming connections - Reject non-SSL connections to your database enabled, downloaded the right certificate from Supabase and place it in the right folder. If I disable the SSL in Supabase (and remove ?sslmode=no-verify and NODE_EXTRA_CA_CERTS="./server/certs/prod-ca-2021.crt" from my .env file I am able to migrate/push data - however I prefer SSL to be on the safe side (what are the implications of having SSL off?) Drizzle studio It seems to be stuck on the spinner - why? Attached gif. Cheers!
GitHub
Error: self signed certificate in certificate chain ยท drizzle-team ...
Hello, I am a new user of drizzle and trying to run the command for the first time to connect to my Supabase instance: drizzle-kit introspect:pg But I got this error [โฃŸ] 0 tables fetching [โฃŸ] 0 col...
GitHub
Any advice on connecting to supabase when SSL is enabled? ยท supabas...
I am using drizzle and drizzle-kit to run migrations against my supabase DB. I have SSL enforced, and can connect via psql (both with and without the SSL CLI flags, this doesn't make sense to m...
No description
4 Replies
peterstnsz
peterstnszOPโ€ข7mo ago
Anyone?
fawwaz
fawwazโ€ข7mo ago
I'm in the same boat looking for answers. is it possible that there is no way to do this with drizzle?
Vinz
Vinzโ€ข6mo ago
I using drizzle + ssl enforced. drizzle config
const caString = fs.readFileSync("xxx.crt").toString();
// URL encode the certificate
const caStringEncoded = encodeURIComponent(caString);

// Construct the database URL with SSL parameters
const dbUrl = new URL(env.DB_URL!);
dbUrl.searchParams.append("sslmode", "require");
dbUrl.searchParams.append("sslrootcert", caStringEncoded);

export default defineConfig({
dialect: "postgresql",
out: "./drizzle",
schema: "./db/schema/*",
dbCredentials: {
url: dbUrl.toString(),
},
schemaFilter: ["public"],
});
const caString = fs.readFileSync("xxx.crt").toString();
// URL encode the certificate
const caStringEncoded = encodeURIComponent(caString);

// Construct the database URL with SSL parameters
const dbUrl = new URL(env.DB_URL!);
dbUrl.searchParams.append("sslmode", "require");
dbUrl.searchParams.append("sslrootcert", caStringEncoded);

export default defineConfig({
dialect: "postgresql",
out: "./drizzle",
schema: "./db/schema/*",
dbCredentials: {
url: dbUrl.toString(),
},
schemaFilter: ["public"],
});
file for drizzle db
...
const connectionString = process.env.DB_URL!;
const client = postgres(connectionString, {
ssl: {
rejectUnauthorized: true,
ca: fs.readFileSync("xxx").toString(),
},
});
...
...
const connectionString = process.env.DB_URL!;
const client = postgres(connectionString, {
ssl: {
rejectUnauthorized: true,
ca: fs.readFileSync("xxx").toString(),
},
});
...
Budi
Budiโ€ข4mo ago
This worked for me too. Thanks for sharing this.
Want results from more Discord servers?
Add your server