From 2d5a4367cbf78fffc8631256ae697f54f3a434d4 Mon Sep 17 00:00:00 2001
From: Tiago de Oliveira Stutz <tiagostutz@gmail.com>
Date: Mon, 28 Feb 2022 20:49:15 +0100
Subject: [PATCH] Remove `sslmode` from connectionString to fix the example
 using `ssl` object as a param

---
 content/features/6-ssl.mdx | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/content/features/6-ssl.mdx b/content/features/6-ssl.mdx
index 0428d05..c63d248 100644
--- a/content/features/6-ssl.mdx
+++ b/content/features/6-ssl.mdx
@@ -49,10 +49,24 @@ pool
 
 If you plan to use a combination of a database connection string from the environment and SSL settings in the config object directly, then you must avoid including any of `sslcert`, `sslkey`, `sslrootcert`, or `sslmode` in the connection string. If any of these options are used then the `ssl` object is replaced and any additional options provided there will be lost.
 
+Here's an example in that the CA file passed as parameter won't work due to the `sslmode=require` in `connectionString`:
 ```js
 const config = {
   connectionString: 'postgres://user:password@host:port/db?sslmode=require',
   // Beware! The ssl object is overwritten when parsing the connectionString
+  // If it is a self signed certificate, probably will yield to `self signed certificate in certificate chain` error
+  ssl: {
+    rejectUnauthorized: false,
+    ca: fs.readFileSync('/path/to/server-certificates/root.crt').toString(),
+  },
+}
+```
+
+But this will work:
+```js
+const config = {
+  connectionString: 'postgres://user:password@host:port/db',
+  // The ssl object won't be overwritten because there are no config ssl on connectionString
   ssl: {
     rejectUnauthorized: false,
     ca: fs.readFileSync('/path/to/server-certificates/root.crt').toString(),