Closed tka85 closed 1 year ago
I switched the pg_hba.conf
entry from scram-sha-256
to md5
just in case planka was using some older version that couldn't do the exchanged required by the newer scram
auth method, but still the same problem. Initially planka tries to connect via unencrypted connection which is immediately rejected by pg_hba.conf
and then it tries SSL but it disconnects immediately.
This is te pg_hba entry:
hostssl planka_db planka xxx.xxx.xxx.xxx/32 md5
The password is correct. I tried connecting from same source host to same destination host and db via psql and it connects fine.
I could really use some pointers here. Anyone else got the planka working over SSL connection to Postgres?
I checked the .env.sample
file and it has PGSSLMODE
and KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE
variables (they should also be in docker-compose.yml
). Have you tried to set values to them?
You can also try to uncomment ssl: true
in server/config/env/production.js
. I haven't tested it, I thought everything should work with ?ssl=true&sslmode=require
...
Sorry, can no longer check this and don't want to hold the issue open if no one else is interested. Moved on to another solution.
In a docker-compose I have these env vars setup (db string values are confirmed to be correct with psql connecting properly using them on CLI):
My SSL cert is from letsencrypt. Not self-signed. It is mounted correctly into pg container and I have another webapp that is connecting to this postgresql over SSL correctly.
On postgresql (v14) side I see logs:
And on Planka side:
It seems that the
?ssl=true&sslmode=require
is not honored at first as Pg rejects the non-secure connection attempt. But then there is an SSL connection attempt but fails on the Planka side.Am I missing something?