Node-postgres: Cert-based authentication broken

Created on 27 Oct 2020 · 3Comments · Source: brianc/node-postgres

Starting yesterday with the upgrade to 8.4.2, connections now fail with the error message: error: connection requires a valid client certificate.

It appears that the switch to making the ssl key not enumerable means that the key is no longer copied because Object.assign() only works with enumerable properties.

This became much trickier to debug since the pg dependency on pg-pool allows for minor version upgrades. We downgraded to 7.17.0 to fix things for the short term.

Thanks

bug

Source

gregallenvt

👍7

Most helpful comment

baaaah sorry about that breakage! 😦 😦 😦 Looks like charmander is already working on a fix for it, which is rad.

brianc on 2 Nov 2020

🎉2

All 3 comments

We are also experiencing this same issue in two of our projects

Yonom on 28 Oct 2020

Almost lost my mind today with that 😅

I had upgraded several dependencies and could not figure out what the problem was before reverting my upgrades and re-trying each of them one by one.

Sticking to pg 8.4.1 works for me at the moment, using it with knex:

const configuration = {
  client: 'pg',
  connection: {
    database: process.env.DATABASE_NAME,
    host: process.env.DATABASE_HOST,
    port: parseInt(process.env.DATABASE_PORT || '5432'),
    user: process.env.DATABASE_USERNAME,
    password: process.env.DATABASE_PASSWORD,
    ssl:
      process.env.DATABASE_SSL_CERT && process.env.DATABASE_SSL_KEY
        ? {
            host: process.env.DATABASE_SSL_HOST,
            ca: process.env.DATABASE_SSL_CA
              ? fs.readFileSync(process.env.DATABASE_SSL_CA)
              : undefined,
            cert: fs.readFileSync(process.env.DATABASE_SSL_CERT),
            key: fs.readFileSync(process.env.DATABASE_SSL_KEY)
          }
        : false
  }
};