Node-postgres: Missing support for Certificate Authentication?

Created on 11 Jul 2017 · 5 Comments · Source: brianc/node-postgres

Hey together,

I'm currently trying to connect with certificate authentication. However, I get denied by the server, as the postgres client seems to try password authentication anyway. So far I have followed https://github.com/brianc/node-postgres/wiki/SSL-support to configure the client.
Is certificate authentication supported though?

At least it looks like it is always added, no matter if it is actually set or not:

https://github.com/brianc/node-postgres/blob/master/lib/connection-parameters.js#L83

All 5 comments

OK @brianc, I did a bit of verification here myself. If I use the native bindings, everything works OK.

Here are some results:

  • Does not work with the javascript version of node-pg
  • Does work with the native bindings
  • The native bindings do not pass sslrootcert correctly for some reason, causing verify-ca modes to always fail

Ok, have found the bug concerning libpq unavailability of sslrootcert. Seems like it has been forgotten over here: https://github.com/brianc/node-postgres/blob/master/lib/connection-parameters.js#L92

@brianc @wzrdtales I'm following the example from here https://node-postgres.com/features/ssl but I'm still getting error: password authentication failed for user "xxxxxxx"

It seems like it ignores the ssl option and tries user/password method?

I was able to get it to work using the following:

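```js
// Use the native (libpq) bindings; this needs the pg-native package installed.
const pg = require('pg').native;
pg.defaults.ssl = true;
const { Pool } = pg;

const secrets = require('../secrets');
const { database, host, user, password } = secrets.db;

const options = {
  database,
  user,
  password,
  host,
  port: 5432,
  ssl: {
    sslmode: 'verify-ca',           // verify the server certificate against the CA
    sslrootcert: 'server-ca.pem',   // CA certificate
    sslkey: 'client-key.pem',       // client private key
    sslcert: 'client-cert.pem',     // client certificate
  }
};

const pool = new Pool(options);

(async () => {
  // Simple round trip to confirm the connection works.
  await pool.query('SELECT NOW()');
})().catch((err) => {
  // Surface connection or authentication failures instead of an unhandled rejection.
  console.error(err);
}).finally(() => pool.end());
```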

Also worth noting is chmod 600 client-key.pem to resolve the "has group or world access; permissions should be u=rw (0600) or less" error

I see this was merged here:

https://github.com/brianc/node-postgres/pull/1359#issuecomment-325149350

Does this mean that this issue is resolved now?
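For the pure-JavaScript driver discussed in this thread, here is an added example (not code from the thread or from the node-postgres project) of building a client-certificate configuration. It assumes a node-postgres version whose JavaScript driver hands the `ssl` object to Node's `tls.connect()`. The function name, host, user and temp files are hypothetical, and the key-permission check is an extra step modelled on the libpq error quoted above.

```javascript
// Added example (not from the thread). Names, host and paths are assumptions.
const fs = require('fs');
const os = require('os');
const path = require('path');

// Build a config for the pure-JavaScript driver. Its `ssl` object goes to
// Node's tls.connect(), so it takes PEM *contents* under ca/cert/key rather
// than libpq-style file names (sslrootcert/sslcert/sslkey).
function buildClientCertConfig({ host, database, user, port = 5432, caPath, certPath, keyPath }) {
  // Mirror libpq's private-key check: no group or world access (0600 or less).
  // POSIX only; Windows does not expose these mode bits.
  const mode = fs.statSync(keyPath).mode & 0o777;
  if (process.platform !== 'win32' && (mode & 0o077) !== 0) {
    throw new Error(`${keyPath} has mode ${mode.toString(8)}; expected 0600 or less`);
  }
  return {
    host, port, database, user,
    // No `password` key: the client certificate is the credential.
    ssl: {
      ca: fs.readFileSync(caPath, 'utf8'),     // trust anchor for the server cert
      cert: fs.readFileSync(certPath, 'utf8'), // client certificate
      key: fs.readFileSync(keyPath, 'utf8'),   // client private key
      rejectUnauthorized: true,                // fail closed if the server cert does not verify
    },
  };
}

// Constructed demo: placeholder PEM files in a temp dir, so this runs without a server.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'pgcert-'));
  const files = {};
  for (const name of ['server-ca.pem', 'client-cert.pem', 'client-key.pem']) {
    files[name] = path.join(dir, name);
    fs.writeFileSync(files[name], `-----PLACEHOLDER ${name}-----\n`, { mode: 0o600 });
  }
  const base = { host: 'db.example.internal', database: 'app', user: 'app_user',
    caPath: files['server-ca.pem'], certPath: files['client-cert.pem'], keyPath: files['client-key.pem'] };
  const config = buildClientCertConfig(base);
  fs.chmodSync(files['client-key.pem'], 0o644); // loosen permissions: must now be rejected
  let rejected = false;
  try { buildClientCertConfig(base); } catch (e) { rejected = true; }
  fs.rmSync(dir, { recursive: true, force: true });
  return { config, rejected };
}
// With the driver installed: const pool = new (require('pg').Pool)(buildClientCertConfig({...}));
```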
