Prisma: Error: The certificate was not trusted

Can you please tell me where your database is hosted?

On a random Vultr server

You are trying to access the postgres instance over localhost on the vultr instance or you are using that vultr instance locally on your machine?

I'm not sure to understand the question. All was working before but I think I'm using this db locally. I just put in the datasource url my db connection string and use this with a local server

I am trying to ask are you trying to connect to your vultr server where postgres is hosted from your development machine or you are running you prisma2 application on the same vultr box in which your database is hosted?

Oh no the database is in the vultr server, and i'm locally trying to use this database

I am having the same problem.

• [email protected], binary version: 4d50094c10949656143dbc604bc13c784954c990
• database hosted on DigitalOcean, graphql/prisma2 dev server hosted locally

PS: it works alright with preview015

Currently receiving the same error

• Database is hosted on Heroku/AWS
• [email protected], binary version: 377e2db71bae5da19d0090558c8819ff57dfdfc6
• Report ID 479

@iherger Preview 15 fails for me,
[email protected], binary version: 20b6dc13949cccccfef5be07c0be7a3d7c858abe

@iherger @williamluke4 Can you please make sure all the information about what you are actually doing is provided in your comment - so it is easy and straightforward for @pantharshit00 to try to reproduce the problem.

@janpio , @pantharshit00

1. new project, no previous database migrations
2. postgresql database hosted on DigitalOcean (connection string works fine)
3. running prisma2 lift save produces the error above

The same three steps with a local postgresql database work fine.

I can confirm this bug in [email protected], binary version: 377e2db71bae5da19d0090558c8819ff57dfdfc6

Thanks for the reproduction steps @iherger :)

Adding sslaccept=accept_invalid_certs to your datasource url should work for now

@williamluke4 , thanks, that works indeed for now.

I can confirm the discrepancy between lift and the psql CLI connecting to the same database with the same SSL settings, we're investigating.

In the meantime for setups that are not security sensitive, @williamluke4 's workaround works :)

I spent a lot of time investigating this, and the conclusion is that what we are doing is not buggy, but much stricter than most other postgres clients. We will relax the current behaviour a bit (otherwise you would have to pass certificate files to the postgres connection in nearly every scenario). I will keep this issue up to date.

@tomhoule Why is it that this only cropped recently? Was the code change recently to make the certificate file required by default?

Yes, we implemented passing custom certificates for postgres connections a few weeks ago and I think that's when the decision was made.

Encountering the same issue with a postgres database hosted on heroku. Adding sslaccept=accept_invalid_certs to the connection url fixed it.

I have a few issues currently with the Prisma2 platform and I think it all stems from this issue (unless majorly mistaken).

I have tried all the params above without success, on both localhost and hosted on DO. The same error seems to show up on a variety of steps. Sometimes on prisma2 lift up, lift save, dev. Sometimes not at all, but later on during prisma2 dev.

I have created this #999 which seems to be the same error on #919.

I'd really grateful if someone had a temporary workaround while the devs iron this out.

This is fixed upstream, the change should make it in preview 18 :) More context in https://github.com/prisma/specs/issues/325

This is fixed upstream, the change should make it in preview 18 :) More context in prisma/specs#325

Has this been fixed in 18? Because the notes do not mention this issue.

I have 2.0.0-preview018.2 and the problem is still there

I have 2.0.0-preview018.2 and the problem is still there

The devs haven't replied, but I am pretty sure it's fixed. I haven't had the issue ever since I updated. Now it's mostly the lift engine panicking at every turn.

Can you make sure you have prisma 18.2 throughout your stack? Your global pckg, your local file and your server, if any?

I have just tried this approach:

1. Setup local environment with a Prisma schema pointed to the local DB and run the prisma2 generate -- works without any problem
2. Prepare new Postgress on Heroku and change the link in the local schema to the remote one and call again the prisma2 generate (on my local) -- seen the error
3. Fixed the postgress URL by the parameter: sslaccept=accept_invalid_certs and call the command again -- now it works fine, the remote database were generated.

So IMHO the problem is still there

@janpio
Could we get a clarification on this?

--- NO LONGER VALID ---

I have tried to replicate that again to provide more details with the 2.0.0-preview018.2 and it works FINE. So the error was on my side somewhere, probably by using the npx that uses 017 version.

Sorry for that and thank you for the good work.

By my knowledge this should work as expected, sorry I did not get to confirm this earlier - but happy you figured it out yourself.