Error with Direct Database Connection with SSL on Digital Ocean

The error is not that it can’t find the certificate, it does find it. The problem is that it is a self signed certificate that isn’t trusted.

Not sure if you are using docker or run it directly on digital ocean. When running directly on digital ocean then I would expect it to trust its own generated certificate. When running in docker you probably have to do some extra work to trust it.

An other solution is to ignore the untrusted certificate, add rejectUnauthorized: false to the ssl option.

Thanks Patrick (sorry I had notifications off)

1. Yes using Docker
2. You say it does find it - but I feel like that can’t be true, because I tried multiple paths and the error message stays the same. Is it possible all these paths work? If not then it’s producing that error without actually loading the certificate I guess

I have rejectUnauthorized: false on now by using 'default in wappler:

I trust you blindly, is this safe enough? Your link is saying not to do this

image895×352 12.4 KB

I’d like to join in on this thread. I’m testing out Digital Ocean’s Managed database features. So I created a new project in Wappler: Docker with NodeJS, no db setup, yet.

• I add a db according to steps in tutorial by using connection string (tried both Public network and VPC Network.
• I also added my own ip to the trusted sources in DO (also did this for a droplet, that I want to use for this DB)
• Get error about self signed certificate.
• Try workaround by selecting Custom SSL profile and in my case point towards folder with .crt from DO download:

~/Wappler%20Projects/do_managed_test/app/ca-certificate.crt

• Get this error (ER_NOT_SUPPORTED_AUTH_MODE):
  
  

  ssl error887×926 43.7 KB

Any advice on how to properly connect to a DO managed DB?

PS: I just tried connecting to the managed db using DBeaver and it works perfectly with the same credentials and cert file. Great tool, btw!

Do you have mySQL 8 selected for the DO db?

This topic didn't fix it for me either:

I added a user with the legacy mysql 5 password, but to no avail!

For a Direct Database Connection I see no option to select Database MySQL 8, I only see this for the default database connection in the project settings. This setting is on:

settings project db1054×569 32.9 KB

Here are my settings, this should work since it seems like we have the exact same setup.

1. In my live production environment (because I still use the docker db for the local environment)
   Under server actions → globals → database connections → db
   

   image547×623 7.1 KB
2. Project settings keep it on none
   

   image703×597 20 KB

Here is a thread where I went through the process of fixing it, in case you need more info Remote database with docker

@patrick the issue above still stands : Error with Direct Database Connection with SSL on Digital Ocean

Thanks for your reply, @karh! I checked things over again and it turns out that the fix mentioned in

Did fix my issue after all. Somehow the password encryption setting for my new legacy user did not persist and was still on MySQL 8+ mode. I have now successfully changed that to Legacy MySQL 5.x mode (mind you, the password will change upon this change) and now it works!

Super happy!

So do you still use the default SSL setting, @karh? I tried the custom setting, but got the same error message as you did. Default settings fixes this, but does not use the certificate? I’m not sure I have enough knowledge of SSL to understand if that is a potential issue or not.

This reply by @George fixes this issue:

@jellederijke Setting the SSL settings to ‘default’

image572×617 14.2 KB

What it actually does is set

image860×429 24.2 KB

image1141×401 15.7 KB

@patrick Any chance you can still take a look at this? Since now I’m not the only person producing the self signed certificate error (see NEED HELP!: Can't query DO managed database, data does show up in database manager)

This has been fixed in Wappler 4.1.1

This topic was automatically closed after 25 hours. New replies are no longer allowed.