3 months ago
Hi Railway Team,
I'm a developer working on a Nest.js project using Better Auth and TypeORM, deployed on Railway.
I'm facing a persistent self-signed certificate in certificate chain error.
Here's what I've done so far:
I found a solution in the community using
ssl: { rejectUnauthorized: false }for my TypeORM connection, which resolves the issue temporarily.However, for a production-like environment, I'm trying to find the proper way to handle this. I understand that Railway's internal Postgres databases use self-signed certificates.
My question is:
What is the recommended best practice for a Node.js/TypeORM application to trust Railway's internal certificates in a production environment?
Do you have a Root CA certificate file that I can add to my project, or is there a specific method I should be using to configure my application to trust the certificates without disabling SSL validation?
Any guidance on this would be greatly appreciated.
Thank you,
Rachata Lekkeaw
2 Replies
3 months ago
Hey there! We've found the following might help you get unblocked faster:
🧵 PostgreSQL SSL connection: "self-signed certificate in certificate chain" on Node.js
🧵 Failed to prune sessions: Error: self-signed certificate in certificate chain
🧵 MySQL | Node.js: self-signed certificate in certificate chain
If you find the answer from one of these, please let us know by solving the thread!
3 months ago
The solution is to configure the application to trust Railway's internal certificates without disabling SSL validation. This can be done by obtaining the Root CA certificate from Railway or configuring the application to trust the self-signed certificates used by Railway's internal Postgres databases.
Status changed to Awaiting User Response Railway • 3 months ago
Status changed to Solved parmstar • 3 months ago