search

tediousjs / node-mssql

Microsoft SQL Server client for Node.js
https://tediousjs.github.io/node-mssql
MIT License
2.23k stars 466 forks source link

error self signed certificate - Lambda function Nodejs connect to mssql on ec2 instance after migrating from 6.2.0 to 10.0.2 #1645

Closed windxnd closed 4 months ago

windxnd commented 4 months ago

After I tried to upgrade the MSSQL version from 6.2.0 to 10.0.2 in the production environment of a Lambda function in Node.js to connect to MSSQL on EC2 instance, I received an error regarding a self-signed certificate

Expected behaviour:

Connection is established and fetching works as usual.

Actual behaviour:

Because it is a production environment, I had to configure trustServerCertificate: false and I got an error message when connecting to MSSQL: ConnectionError: Failed to connect to ec2-xx-xxx-xxx-117.ap-northeast-1.compute.amazonaws.com:1433 - self signed certificate

Configuration:

exports.env = {
  db: {
    server: 'ec2-xx-xxx-xxx-117.ap-northeast-1.compute.amazonaws.com',
    user: 'user',
    password: 'password',
    database: 'demo',
    options: {
      enableArithAbort: true,
      encrypt: true,
      trustServerCertificate: false,
    }
  }
}

Software versions

dhensby commented 4 months ago

If the certificate is self-signed, you'll get this error. You'll either need to trust the certificate, or you'll need to get a certificate issued for it by a trusted CA.

windxnd commented 4 months ago

@dhensby When setting up MSSQL and EC2, I did not use any certificates.

windxnd commented 4 months ago

i also tried creating a certificate on EC2 and using it on the SQL service, but when setting trustServerCertificate: false, I still received an error message. Screenshot_1

dhensby commented 4 months ago

Receiving an error for self signed certificates is expected when you have not set it to be trusted.

windxnd commented 4 months ago

@dhensby if i set trustServerCertificate: false in production environment, what do I need to config to be able to connect to MSSQL on EC2? This is my first time working with MSSQL on EC2. Please help me.

dhensby commented 4 months ago

I'm afraid I'm unable to provide infrastructure support, the issue tracker is intended to just be for bug reporting.

As I've mentioned before, you have a few options. set trustServerCertificate: true to silence the error (not recommended), add the certificate the SQL server is using to the trusted CAs for node, or obtain a properly issued TLS certificate for your SQL server.