SSL connect to PostgreSQL

alakran · October 5, 2021, 1:42pm

Sorry, I just tried it and it does not work:

2021-10-05T13:40:28.603Z | error    | There was an error initializing DB: "getaddrinfo ENOTFOUND host.redacted?sslmode=require" {"file":"start.js"}

wsargent · October 5, 2021, 1:43pm

Thanks for trying, I hope the solution comes quickly for you… Best,

Jon · October 5, 2021, 2:00pm

I had expected to see a lot more, Was that from the log file?

alakran · October 5, 2021, 2:25pm

Yes, it’s the same in the console and the log file

Jon · October 5, 2021, 2:43pm

I am just signing up for an Azure account now to see if I can get it working.

Jon · October 5, 2021, 3:18pm

Alright so…

I have set…

      - DB_TYPE=postgresdb
      - DB_POSTGRESDB_HOST=REMOVED.postgres.database.azure.com
      - DB_POSTGRESDB_PORT=5432
      - DB_POSTGRESDB_DATABASE=REMOVED
      - DB_POSTGRESDB_USER=REMOVED
      - DB_POSTGRESDB_PASSWORD=REMOVED
      - DB_POSTGRESDB_SSL_CA=/files/DigiCertGlobalRootCA.crt.pem

The certificate I have used is the one from here: Encrypted connectivity using TLS/SSL in Azure Database for PostgreSQL - Flexible Server | Microsoft Docs

In my n8n.log I have

{"level":"error","message":"There was an error initializing DB: \"self signed certificate in certificate chain\"","metadata":{"file":"start.js","timestamp":"2021-10-05T15:13:45.239Z"}}

I will keep working away and see if I can work it out.

Jon · October 5, 2021, 3:31pm

ok @alakran I have it working.

So in my docker image I have /files/ mapped to a folder on my machine

    volumes:
      - /home/jonathan/docker/n8n-psql-test/.n8n:/home/node/.n8n
      - /home/jonathan/docker/n8n-psql-test/files:/files

Then in /home/jonathan/docker/n8n-psql-test/files I have the crt.pem that the Azure docs tells me to download. I then have the following env options for Postgres

      - DB_TYPE=postgresdb
      - DB_POSTGRESDB_HOST=REMOVED.postgres.database.azure.com
      - DB_POSTGRESDB_PORT=5432
      - DB_POSTGRESDB_DATABASE=postgres
      - DB_POSTGRESDB_USER=REMOVED
      - DB_POSTGRESDB_PASSWORD=REMOVED
      - DB_POSTGRESDB_SSL_CA=/files/DigiCertGlobalRootCA.crt.pem
      - DB_POSTGRESDB_SSL_REJECT_UNAUTHORIZED=false

The bottom line is getting around the self signed cert error I was getting and got everything working, I have used the flexi server option of Postgres rather than the full server option but in theory it should be the same deal.

alakran · October 5, 2021, 4:18pm

Bingo! Thanks a lot, this combination worked!