W
Wasp•3mo ago
cmilazzo

self-signed cert

how do I add a self signed cert to my Wasp app?
6 Replies
kapa.ai
kapa.ai•3mo ago
Hi @cmilazzo. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave: ---------------------- I'm sorry, but the provided knowledge sources do not contain information on how to add a self-signed certificate to a Wasp app. However, they do mention that when deploying an app that uses pg-boss as the executor to Heroku, you need to set an additional environment variable called PG_BOSS_NEW_OPTIONS to handle Heroku's self-signed certificate. Here is the relevant extract:
Using `pg-boss` with HerokuIf you wish to deploy an app leveraging **Jobs** (<https://wasp-lang.dev/docs/advanced/jobs>) that use `pg-boss` as the executor to Heroku, you need to set an additional environment variable called `PG_BOSS_NEW_OPTIONS` to `{&quot;connectionString&quot;:&quot;&lt;REGULAR_HEROKU_DATABASE_URL&gt;&quot;,&quot;ssl&quot;:{&quot;rejectUnauthorized&quot;:false}}`. This is because pg-boss uses the `pg` extension, which does not seem to connect to Heroku over SSL by default, which Heroku requires. Additionally, Heroku uses a self-signed cert, so we must handle that as well.
Read more: <<https://devcenter.heroku.com/articles/connecting-heroku-postgres#connecting-in-node-js>>
Using `pg-boss` with HerokuIf you wish to deploy an app leveraging **Jobs** (<https://wasp-lang.dev/docs/advanced/jobs>) that use `pg-boss` as the executor to Heroku, you need to set an additional environment variable called `PG_BOSS_NEW_OPTIONS` to `{&quot;connectionString&quot;:&quot;&lt;REGULAR_HEROKU_DATABASE_URL&gt;&quot;,&quot;ssl&quot;:{&quot;rejectUnauthorized&quot;:false}}`. This is because pg-boss uses the `pg` extension, which does not seem to connect to Heroku over SSL by default, which Heroku requires. Additionally, Heroku uses a self-signed cert, so we must handle that as well.
Read more: <<https://devcenter.heroku.com/articles/connecting-heroku-postgres#connecting-in-node-js>>
For more specific instructions on adding a self-signed certificate to your Wasp app, I would recommend checking the official Wasp documentation or reaching out to the Wasp community for support. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @cmilazzo, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
Filip
Filip•3mo ago
Hey @cmilazzo, the bot is talking nonsense. How are you deploying the app. Some providers already take care of this for you. Regardless of this, you can add a self-signed SSL certificate to a wasp app like you would to any other app (once the Wasp server is built, it's just a dockerized application). I'll tag @miho here just in case I missed something (he's a serial app deployer so he'll know), but I'm pretty sure that's all there is to it.
miho
miho•3mo ago
Wasp's server is a HTTP app becauase there is an expectation that you'll deploy the app behind a load balancer / on a service that comes with a reverse proxy in front of your app. If you need HTTPS locally for some testing, I'd advise using something like https://theboroer.github.io/localtunnel-www/ to get a HTTPS url for testing stuff out.
Localtunnel ~ Expose yourself to the world
Expose yourself to the world
cmilazzo
cmilazzoOP•3mo ago
I was hoping to not have to use a reverse proxy like nginx and simplify things by just having wasp, but it looks like that's not possible. Just out of curiosity, is this just because you always assume there will be a load balancer?
miho
miho•3mo ago
As far as I know, this is the standard way nowadays, usually something in front of your app terminates SSL and that's why you don't have to worry about it on the app level. But everyone's setup is slightly different! I'm curious what is your experience and how do you usually set up APIs on AWS? Maybe we can learn something from your setup and improve Wasp in the process 🙂
cmilazzo
cmilazzoOP•3mo ago
I was just trying to take a shortcut to get an MVP out actually. :). The real production server will have the load balancer and proxy for sure.
Want results from more Discord servers?
Add your server