How to configure sslmode in Sequelize?

This is my config file for Sequelize:

...
staging: {
    username: process.env.DB_USER,
    password: process.env.DB_PASSWORD,
    database: process.env.DB_NAME,
    host: process.env.DB_HOST,
    dialect: "postgres",
    native: true,
    ssl: "require", // not working
    dialectOptions: {
      project: "demo-db",
    },
    pool: {
      max: 5,
      min: 0,
      acquire: 30000,
      idle: 10000,
    },
  },
...

What is the right way to config in Sequelize to set sslmode=require?


Hi, I found that this works. Please try it and let us know.

dialectOptions: {
    ssl: {
    require: true
    }
}

@Daniel thanks for the reply. But getting a new error now:

I am looking at this for the first time myself. With that in mind, here’s a couple of options to try:

  1. Use rejectUnauthorized: false
 dialectOptions: {
    ssl: {
      require: true,
      rejectUnauthorized: false, // <-- Add this line
    },
  },

This essentially disables SSL/TLS certificate validation, which is not recommended from a security perspective.

  2. Specify a root cert file, as in this example:
const { Sequelize } = require('sequelize');
const fs = require('fs');

// Read the certificate file (use the correct path for your certificate file)
const rootCert = fs.readFileSync('/etc/ssl/certs/ca-certificates.crt');

const sequelize = new Sequelize('postgres://<user>:<password>@ep-snowy-unit-123456.us-east-2.aws.neon.tech/neondb', {
  dialectOptions: {
    ssl: {
      require: true,
      ca: rootCert, // Use the root certificate
     }
  }
});

We provide some information here about the location of cert files on different operating systems: Connect to Neon securely — Neon Docs

The cert file path used in the example above is for my Ubuntu machine.

Let us know if you get it working.

rejectUnauthorized: false solves the issue. Here is my complete config for anyone coming in search for Sequelize:

username: process.env.DB_USER,
    password: process.env.DB_PASSWORD,
    database: process.env.DB_NAME,
    host: process.env.DB_HOST,
    dialect: "postgres",
    native: true,
    dialectOptions: {
      project: "bb-core-demo-db",
      ssl: {
        require: true,
        rejectUnauthorized: false,
      },
    },

I got TypeError: Cannot read properties of null (reading 'Client') after using native: true.
Here is the object that I use:

const { DB_HOST, DB_NAME, DB_USER, DB_PASSWORD,DB_SSL_IS } = process.env;

module.exports = {
  development: {
    username: DB_USER,
    password: DB_PASSWORD,
    database: DB_NAME,
    host: DB_HOST,
    dialect: 'postgres',
    native: true,
    dialectOptions: {
      ssl: {
        require: DB_SSL_IS,
        rejectUnauthorized: false,
      },
    },
  },
};

If I don't set native, I got something like ConnectionError [SequelizeConnectionError]: Common name inferred from SNI ('host') is not known

Fixed, guys. There was a typo in the hostname, and I moved native: true into ssl:

      ssl: {
        require: DB_SSL_IS,
        native: true,
        rejectUnauthorized: false,
      },

Great!
This solution worked for me, so I set my Sequelize configuration like this:

import { Sequelize } from "sequelize";
import config from "../config/db.config.js";

const sequelize = new Sequelize(config.DB, config.DB_USER, config.DB_PASSWORD, {
    host: config.HOST,
    dialect: config.dialect,
    logging: false,
    dialectOptions: {
        project: config.ENDPOINT_ID,
        ssl: {
            require: true,
            rejectUnauthorized: false,
        },
    },
    pool: {
        max: config.pool.max,
        min: config.pool.min,
        acquire: config.pool.acquire,
        idle: config.pool.idle,
    },
});

export default sequelize;

My imported config file:

import dotenv from 'dotenv';
dotenv.config();
const { PGHOST, PGDATABASE, PGUSER, PGPASSWORD, ENDPOINT_ID } = process.env; // from neon.tech

const config = {
    HOST: PGHOST,
    DB_USER: PGUSER,
    DB_PASSWORD: PGPASSWORD,
    DB: PGDATABASE,
    ENDPOINT_ID, // read as config.ENDPOINT_ID by the Sequelize setup file
    dialect: "postgres",
    pool: {
        max: 5,
        min: 0,
        acquire: 30000,
        idle: 20000
    }
};

export default config;

Thanks again buddy
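An added example, not code from any post in this thread: a small audit of a Sequelize config object for the TLS settings discussed above (certificate validation switched off, a string-valued `require` taken straight from the environment, `ssl` set only at the top level), plus a builder that keeps validation on and accepts the `ca` option from the root-cert answer. The function names `parseFlag`, `auditSslConfig` and `verifiedSsl` are hypothetical, and the sample configs in the comments and test are constructed from the posts.

```javascript
// Environment variables are strings, and the string "false" is truthy in JS,
// so a flag such as DB_SSL_IS has to be parsed explicitly.
function parseFlag(value) {
  if (typeof value === "boolean") return value;
  const text = String(value === undefined || value === null ? "" : value);
  return ["1", "true", "yes", "on"].includes(text.trim().toLowerCase());
}

// Returns a list of finding codes for one Sequelize environment config.
function auditSslConfig(cfg) {
  const findings = [];
  const ssl = cfg.dialectOptions ? cfg.dialectOptions.ssl : undefined;
  if (!ssl) {
    // The first post set only a top-level `ssl: "require"` and reported it as not working.
    findings.push(cfg.ssl !== undefined ? "top-level-ssl-only" : "no-dialect-ssl");
    return findings;
  }
  if (typeof ssl === "object") {
    // e.g. require: process.env.DB_SSL_IS, where "false" would still enable it
    if (typeof ssl.require === "string") findings.push("require-is-string");
    // TLS is still negotiated, but any certificate is accepted
    if (ssl.rejectUnauthorized === false) findings.push("cert-validation-disabled");
  }
  return findings;
}

// Builds the dialectOptions.ssl value with validation left on.
// caPem is optional PEM text of a root certificate (assumption: the caller has
// already read it, for example from the OS bundle path mentioned in the thread).
// Without it, Node validates against its built-in CA store.
function verifiedSsl(env, caPem) {
  if (!parseFlag(env.DB_SSL_IS)) return false; // TLS explicitly switched off
  const ssl = { require: true, rejectUnauthorized: true };
  if (caPem) ssl.ca = caPem;
  return ssl;
}
```

Running `auditSslConfig` over each environment in a config file during CI gives an early signal when `rejectUnauthorized: false` is carried from a development setup into staging or production.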