You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a follow up to #902. I'm connecting to a Postgres database that uses TLS. I don't want to verify the CA, but I want to ensure that Immich connects to the Postgres cluster with SSL.
The DB_URL I pass is postgresql://immich:password@postgres-main-primary.default.svc:5432/immich?sslmode=prefer. According to the Postgres documentation, prefer means that SSL will be used if available, but the CA will not be verified. Yet, Immich fails to start with the following error:
[Nest] 1 - 07/06/2023, 11:42:05 PM ERROR [ExceptionHandler] self signed certificate in certificate chain
Error: self signed certificate in certificate chain
at TLSSocket.onConnectSecure (node:_tls_wrap:1532:34)
at TLSSocket.emit (node:events:527:28)
at TLSSocket._finishInit (node:_tls_wrap:946:8)
at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:727:12)
The expected behaviour would be to use SSL but ignore the fact that the certificate is not trusted.
The OS that Immich Server is running on
Kubernetes, Ubuntu 22
Version of Immich Server
v1.53.0 v1.66.1
Version of Immich Mobile App
n/a
Platform with the issue
Server
Web
Mobile
Your docker-compose.yml content
Using https://github.com/immich-app/immich-charts/ v0.1.2
Your .env content
See `DB_URL` above
Reproduction steps
1. Set up Postgres cluster with TLS with self-signed certificate
2. Try to connect Immich to it
Additional information
No response
The text was updated successfully, but these errors were encountered:
The bug
This is a follow up to #902. I'm connecting to a Postgres database that uses TLS. I don't want to verify the CA, but I want to ensure that Immich connects to the Postgres cluster with SSL.
The
DB_URL
I pass ispostgresql://immich:password@postgres-main-primary.default.svc:5432/immich?sslmode=prefer
. According to the Postgres documentation,prefer
means that SSL will be used if available, but the CA will not be verified. Yet, Immich fails to start with the following error:The expected behaviour would be to use SSL but ignore the fact that the certificate is not trusted.
The OS that Immich Server is running on
Kubernetes, Ubuntu 22
Version of Immich Server
v1.53.0v1.66.1Version of Immich Mobile App
n/a
Platform with the issue
Your docker-compose.yml content
Using https://github.com/immich-app/immich-charts/ v0.1.2
Your .env content
See `DB_URL` above
Reproduction steps
Additional information
No response
The text was updated successfully, but these errors were encountered: