I am getting error of “self signed certificate in certificate chain” while requesting data from the aptible database. Please let me know how can I fix it. Thanks in advance.
1 Like
Unlike other supported Database Types, Aptible PostgreSQL and MySQL Databases don’t use the *.aptible.in certificate which is signed by a trusted certificate authority (CA). This is due to the fact that it can be coerced into displaying the private key which would compromise the security of all servers that use the certificate. Instead, they are issued a certificate signed by its Environment’s CA certificate (i.e. self-signed certificate). This means that, by default, the certificate cannot be verified so clients that attempt to verify the certificate will raise an error like the one you’re getting.
See the Database Encryption in Transit documentation for more details.
The best way to address this is to add the Environment’s CA Certificate to your database client’s list of trusted CA certificates. If you’re accessing the Database from within the Stack, i.e. from an App on the same Stack, it’s also possible to disable certificate validation as the threats that it mitigates are mostly mitigated by the fact that traffic never leaves the Stack’s private network. However, validating the certificate against the Environment’s CA certificate is the best practice and most database clients make it fairly easy to provide a custom CA certificate.