[Bug]: use Vercel postgress show - error: connection is insecure (try using sslmode=require)

[hans642]

Package.json file

{
  "name": "medusa-starter-default",
  "version": "0.0.1",
  "description": "A starter for Medusa projects.",
  "author": "Medusa (https://medusajs.com)",
  "license": "MIT",
  "keywords": [
    "sqlite",
    "postgres",
    "typescript",
    "ecommerce",
    "headless",
    "medusa"
  ],
  "scripts": {
    "build": "medusa build",
    "seed": "medusa exec ./src/scripts/seed.ts",
    "start": "medusa start",
    "dev": "medusa develop",
    "test:integration:http": "TEST_TYPE=integration:http NODE_OPTIONS=--experimental-vm-modules jest --silent=false --runInBand --forceExit",
    "test:integration:modules": "TEST_TYPE=integration:modules NODE_OPTIONS=--experimental-vm-modules jest --silent --runInBand --forceExit",
    "test:unit": "TEST_TYPE=unit NODE_OPTIONS=--experimental-vm-modules jest --silent --runInBand --forceExit"
  },
  "dependencies": {
    "@medusajs/admin-sdk": "latest",
    "@medusajs/cli": "latest",
    "@medusajs/framework": "latest",
    "@medusajs/medusa": "latest",
    "@mikro-orm/core": "5.9.7",
    "@mikro-orm/knex": "5.9.7",
    "@mikro-orm/migrations": "5.9.7",
    "@mikro-orm/postgresql": "5.9.7",
    "awilix": "^8.0.1",
    "pg": "^8.13.0"
  },
  "devDependencies": {
    "@medusajs/test-utils": "latest",
    "@mikro-orm/cli": "5.9.7",
    "@swc/core": "1.5.7",
    "@swc/jest": "^0.2.36",
    "@types/jest": "^29.5.13",
    "@types/node": "^20.0.0",
    "@types/react": "^18.3.2",
    "@types/react-dom": "^18.2.25",
    "jest": "^29.7.0",
    "prop-types": "^15.8.1",
    "react": "^18.2.0",
    "react-dom": "^18.2.0",
    "ts-node": "^10.9.2",
    "typescript": "^5.6.2",
    "vite": "^5.2.11"
  },
  "engines": {
    "node": ">=20"
  }
}

Node.js version

v20.15.1

Database and its version

16.4

Operating system name and version

macOS 15.1

Browser name

No response

What happended?

When create database use Vercel postgress
.env config

DB_NAME=shop_v2
DATABASE_URL=postgres://default:xx@xx.us-east-1.aws.neon.tech:5432/$DB_NAME

cmd: npx medusa db:create
Got error:

➜  test-store git:(v2) ✗ npx medusa db:create
? Enter the database name shop_v2
error:   Unable to establish database connection because of the following error
error:   connection is insecure (try using `sslmode=require`)
error: connection is insecure (try using `sslmode=require`)

Then update the .env config

DATABASE_URL="postgres://default:xx@xx.us-east-1.aws.neon.tech:5432/shop_v2?sslmode=require"

got error:

➜  test-store git:(v2) ✗ npx medusa db:create
? Enter the database name shop_v2
error:   Unable to establish database connection because of the following error
error:   getaddrinfo ENOTFOUND base
Error: getaddrinfo ENOTFOUND base
    at GetAddrInfoReqWrap.onlookupall [as oncomplete] (node:dns:120:26)
    at GetAddrInfoReqWrap.callbackTrampoline (node:internal/async_hooks:130:17) {
  errno: -3008,
  code: 'ENOTFOUND',
  syscall: 'getaddrinfo',
  hostname: 'base'
}

Expected behavior

Hope can use Vercel postgress config the sslmode

Actual behavior

Can't use it

Link to reproduction repo

medusa(v2)

[SummerFans]

You can try to modify the databaseDriverOptions in the medusa-config.js file：

module.exports = defineConfig({
  projectConfig: {
    databaseDriverOptions: { ssl: { rejectUnauthorized: true } },
    // ......
  },

[hans642]

Please check the medusa-config.ts file

import { loadEnv, defineConfig } from '@medusajs/framework/utils'

loadEnv(process.env.NODE_ENV || 'development', process.cwd())

module.exports = defineConfig({
  projectConfig: {
    databaseDriverOptions: { ssl: { rejectUnauthorized: true } },
    databaseUrl: process.env.DATABASE_URL,
    http: {
      storeCors: process.env.STORE_CORS!,
      adminCors: process.env.ADMIN_CORS!,
      authCors: process.env.AUTH_CORS!,
      jwtSecret: process.env.JWT_SECRET || "supersecret",
      cookieSecret: process.env.COOKIE_SECRET || "supersecret",
    }
  }
})

also got

 ✗ npx medusa db:create --verbose
? Enter the database name shop_v2
error:   Unable to establish database connection because of the following error
error:   connection is insecure (try using `sslmode=require`)
error: connection is insecure (try using `sslmode=require`)

[chillpilllike]

I do not why but medusa 2.0 accepts the following value to disable ssl check. hope team looks into this.

postgres://.....................?ssl_mode=disable

add

?ssl_mode=disable

[thetutlage]

Hello @hans642

Thanks for reporting the issue. I can confirm that it is a bug. We are working on a fix

[thetutlage]

Meanwhile @hans642 Can you please create the database manually and confirm if you are able to run the npx medusa db:mgirate command or not?

[hans642]

First create database manually then run migrate command.
This is run error:

(v2) ✗ npx medusa db:migrate
redisUrl not found. A fake redis instance will be used.
info:    Running migrations...
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

info:    MODULE: cache
error:   Failed with error connection is insecure (try using `sslmode=require`)
error:   connection is insecure (try using `sslmode=require`)
error: connection is insecure (try using `sslmode=require`)

[thetutlage]

Thanks for verifying that. Can you please share your medusa-config.ts file?

[hans642]

import { loadEnv, defineConfig } from '@medusajs/framework/utils'

loadEnv(process.env.NODE_ENV || 'development', process.cwd())

module.exports = defineConfig({
  projectConfig: {
    databaseDriverOptions: { ssl: { rejectUnauthorized: false } },
    databaseUrl: process.env.DATABASE_URL,
    http: {
      storeCors: process.env.STORE_CORS!,
      adminCors: process.env.ADMIN_CORS!,
      authCors: process.env.AUTH_CORS!,
      jwtSecret: process.env.JWT_SECRET || "supersecret",
      cookieSecret: process.env.COOKIE_SECRET || "supersecret",
    }
  }
})

[AlexAntonides]

I've used to have a similar issue to this one, and I fixed it by doing the following,

1. Apply ?ssl_mode=disable to the end of my DATABASE_URL+POSTGRES_URL connection string.
2. For my medusa-config.js

module.exports = defineConfig({
     projectConfig: {
          [...]
           databaseDriverOptions: {
                ssl: false,
           },
          [...]
     }
     [...]
}

3. I think I also have the environment variable POSTGRES_DRIVER_OPTIONS={ "connection": { "ssl": false } } and DB_DRIVER_OPTIONS={ "connection": { "ssl": false } }.

This is working for me.

[thetutlage]

I actually expect the db:migrate command to work without making any sort of modifications in the medusa-config.ts file.

Because I am able to run migrations targeting a Neon DB with the following medusa config file and env variables.

import { loadEnv, defineConfig } from '@medusajs/framework/utils'

loadEnv(process.env.NODE_ENV || 'development', process.cwd())

module.exports = defineConfig({
  projectConfig: {
    databaseUrl: process.env.DATABASE_URL,
    http: {
      storeCors: process.env.STORE_CORS!,
      adminCors: process.env.ADMIN_CORS!,
      authCors: process.env.AUTH_CORS!,
      jwtSecret: process.env.JWT_SECRET || "supersecret",
      cookieSecret: process.env.COOKIE_SECRET || "supersecret",
    }
  }
})

DB_NAME=medusa-test
DATABASE_URL=postgresql://medusa-test_owner:*****@*****.us-east-2.aws.neon.tech/medusa-test?sslmode=require

[thetutlage]

The db:create command is addressed by this PR. #9992

[franka107]

databaseDriverOptions: { ssl: { rejectUnauthorized: true } },

you are a hero!