Using SSL

[f21gerb]

Hi there,

You mention in the config.json we can use any node mysql/postgres parameters here. For SSL we appear to have to use fs.readFileSync() like so:

https://www.npmjs.com/package/mysql#ssl-options

This does not seem to work in the json format, do you have any advice?

[f21gerb]

I was able to fix this by literally copying the cert contents into the config.json

[FumingSunpartner]

"error: SSL connection is required. Please specify SSL options and retry." How to specify SSL options? Like, just trust it

Thanks : )

[AnatolyFromPerion]

@FumingSunpartner Do you mean ssl connection to mysql?

If so, mind following example: from node-mysql2

Please, have a look at /nmig/config/config.json. Under source and target sections you're free to add any config parameters applicable to node-mysql2 and node-postgres respectively.

Also mind first couple of messages in this thread - the second one contains the solution...

[FumingSunpartner]

@AnatolyFromPerion Thanks, I mean ssl to postgres, I found a ssl param(boolean) in \node_modules\@types\pg\index.d.ts then add "ssl": true in config,

got ERROR message

--[BootProcessor::checkConnection] Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: Host: localhost. is not in the cert's altnames: DNS:cr1.chinanorth2-a.control.database..............

BootProcessor.js:23
    resultMessage += pgResult.error ? `\tPostgreSQL connection error: ${JSON.stringify(pgResult.error)}` : '';
                                                                             ^

TypeError: Converting circular structure to JSON
    --> starting at object with constructor 'Object'
    --- property 'issuerCertificate' closes the circle
    at JSON.stringify (<anonymous>)
    at checkConnection (C:\Users\Public\ws\svc-platform\DB-migration\nmig\nmig\dist\src\BootProcessor.js:23:78)
    at async boot (C:\Users\Public\ws\svc-platform\DB-migration\nmig\nmig\dist\src\BootProcessor.js:39:36)

[FumingSunpartner]

soled by add

        ,"ssl"     : {
            "rejectUnauthorized":false
        }

[sturzl]

I've followed the directions here but still have trouble connecting. This might be a new issue or just me not getting the config right.

Nmig connects, finds tables and data, creates the tables in Postgres, but then hangs. No data is inserted. The same certificates allow CRUD from PGAdmin.

This is a truncated database with only 30 rows in all tables combined so I'm sure it isn't related to scale of data.

I have a ca cert, but it doesn't work if I add it and remove unauthorized false.

Below are my config.js and the console output.

Everything is default except for connections

    "source" : {
        "host"             : "000.000.000.000",
        "port"             : 3306,
        "database"         : "XXXDBNAMEXXX",
        "charset"          : "utf8mb4",
        "supportBigNumbers": true,
        "user"             : "prod_admin",
        "password"         : "XXXXXXXXXXXXXXXXXXXX"
    },
......

    "target" : {
        "host"     : "000.000.000.000",
        "port"     : 5432,
        "database" : "XXXDBNAMEXXX",
        "charset"  : "UTF8",
        "user"     : "prod_admin",
        "password" : "XXXXXXXXXXXXXXXXXXXX",
        "ssl"     : {
            "rejectUnauthorized":false,
            "cert": "-----BEGIN CERTIFICATE-----\nasdfasdfasdf\nasdfasdfasdf\n=\n-----END CERTIFICATE----- \n\n",
            "key": "-----BEGIN CERTIFICATE-----\nasdfasdfasdf\nasdfasdfasdf\n=\n-----END CERTIFICATE----- \n\n"
        }
    },

--[boot] Configuration has been just loaded.
    --[boot] NMIG is starting.

    --[DataPoolManager::createDataPoolTable] table "public"."data_pool_publicXXXXDBNAMEXXXX" is created...
    --[TableProcessor::createTable] Currently creating table: `table1`
    --[TableProcessor::createTable] Currently creating table: `table2`
    --[TableProcessor::createTable] Currently creating table: `table3`
    --[TableProcessor::createTable] Currently creating table: `table4`
    --[TableProcessor::createTable] Currently creating table: `table5`
    --[TableProcessor::createTable] Currently creating table: `table6`
    --[TableProcessor::createTable] Currently creating table: `table6`
    --[TableProcessor::createTable] Currently creating table: `table7`
    --[StructureLoader::default] Source DB structure is loaded...

            --[StructureLoader::default] Tables to migrate: 8

            --[StructureLoader::default] Views to migrate: 0
    --[DataChunksProcessor::default] Total rows to insert into "public"."table1": 1
    --[DataChunksProcessor::default] Total rows to insert into "public"."table2": 9
    --[DataChunksProcessor::default] Total rows to insert into "public"."table7": 9
    --[DataChunksProcessor::default] Total rows to insert into "public"."table5": 9
    --[DataChunksProcessor::default] Total rows to insert into "public"."table6": 1
    --[DataChunksProcessor::default] Total rows to insert into "public"."table6": 1
    --[DataChunksProcessor::default] Total rows to insert into "public"."table4": 0
    --[DataChunksProcessor::default] Total rows to insert into "public"."table3": 13
    --[DataPoolManager::readDataPool] Data-Pool is loaded...

    --[NMIG data transfer] "public"."table6" DATA TRANSFER IN PROGRESS...
    --[NMIG data transfer] TIME REQUIRED FOR TRANSFER DEPENDS ON AMOUNT OF DATA...

    --[NMIG data transfer] "public"."table5" DATA TRANSFER IN PROGRESS...
    --[NMIG data transfer] TIME REQUIRED FOR TRANSFER DEPENDS ON AMOUNT OF DATA...

    --[NMIG loadData] Loading the data into "public"."table5" table...
    --[NMIG loadData] Loading the data into "public"."table6" table...
    --[ConsistencyEnforcer::dataTransferred] error: connection requires a valid client certificate

    SQL: SELECT metadata AS metadata FROM "public"."data_pool_publicXXXXDBNAMEXXXX" WHERE id = 8;

    --[ConsistencyEnforcer::dataTransferred] error: connection requires a valid client certificate

    SQL: SELECT metadata AS metadata FROM "public"."data_pool_publicXXXXDBNAMEXXXX" WHERE id = 7;