Open RiddlerKnight opened 1 month ago
@RiddlerKnight
You can remove the sslmode=disable and then add certificate using the following environment variables
@RiddlerKnight
You can remove the sslmode=disable and then add certificate using the following environment variables
Sure, I tried creating cert with cert-manager signed by Let's Encrypt
with my domain. The cert was mounted to postgre db without any problem and tested by kubectl forward-port
then connecting with the ca without any issue.
Unfortunately, the migration issue still exist but another error. I checked further that DB_ROOT_CERT env is mounted into the pod with base64 encoded so it seem everything is correct.
This is an error that I got.
> backend@1.0.0 migration:latest
> knex --knexfile ./src/db/knexfile.ts --client pg migrate:latest
Requiring external module ts-node/register
Working directory changed to /backend/src/db
Using environment: production
unable to get issuer certificate
Error: unable to get issuer certificate
at TLSSocket.onConnectSecure (node:_tls_wrap:1674:34)
at TLSSocket.emit (node:events:519:28)
at TLSSocket.emit (node:domain:488:12)
at TLSSocket._finishInit (node:_tls_wrap:1085:8)
at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:871:12)
npm notice
npm notice New minor version of npm available! 10.5.2 -> 10.8.0
npm notice Changelog: <https://github.com/npm/cli/releases/tag/v10.8.0>
npm notice Run `npm install -g npm@10.8.0` to update!
npm notice
Describe the bug
I installed with
infisical-standalone-postgres
helm chart with these valuesI use external postgres and mount the connection string via secret. During migration, I face this error.
I try to fix with providing
?sslmode=disable
in connection string but noting happen. So I try to mount certificate but no any attribute to provide ssl certificate.Expect behavior
be able to add ssl certificate or disable ssl verification.