Closed tomholub closed 5 years ago
You're right, there's a dumb check for ?sslmode
presence in the url, so if it's not the first parameter it gets added to the url. However, i'd like to know how did you connect to the database? CLI or via web?
Fixed
The standard way to connect to my db is:
postgresql://root@127.0.0.1:26257?sslcert=%2Fhome%2Fluke%2Fgit%2Fflowcrypt-deploy%2Fsecrets%2Fkeys%2Fcockroach%2Fdev%2Fclient.root.crt&sslkey=%2Fhome%2Fluke%2Fgit%2Fflowcrypt-deploy%2Fsecrets%2Fkeys%2Fcockroach%2Fdev%2Fclient.root.key&sslmode=verify-full&sslrootcert=%2Fhome%2Fluke%2Fgit%2Fflowcrypt-deploy%2Fsecrets%2Fkeys%2Fcockroach%2Fdev%2Fca.crt
Notice it includes
sslmode=verify-full
When I submit it into
Enter server URL scheme
, I get: open /home/luke/git/flowcrypt-deploy/secrets/keys/cockroach/dev/ca.crt?sslmode=disable: no such file or directorypgweb seems to blindly add ?sslmode=disable at the end.
To work around it, I have to add a bogus parameter at the end:
postgresql://root@127.0.0.1:26257?sslcert=%2Fhome%2Fluke%2Fgit%2Fflowcrypt-deploy%2Fsecrets%2Fkeys%2Fcockroach%2Fdev%2Fclient.root.crt&sslkey=%2Fhome%2Fluke%2Fgit%2Fflowcrypt-deploy%2Fsecrets%2Fkeys%2Fcockroach%2Fdev%2Fclient.root.key&sslmode=verify-full&sslrootcert=%2Fhome%2Fluke%2Fgit%2Fflowcrypt-deploy%2Fsecrets%2Fkeys%2Fcockroach%2Fdev%2Fca.crt&bogus=none
So that the edited parameter would not be an important one.