SSL issues with ForestAdmin

JulienBlancher · August 19, 2020, 10:59am

Hi,

I have some issues configuring forest admin:

Expected behavior

It should connect to the database
http://app.forestadmin.com should use SSL encryption

Actual behavior

I have an Heroku postgres. Error form lumber:

✖ Connecting to your database
> Cannot connect to the database due to the following error:
> SequelizeConnectionError: self signed certificate

http://app.forestadmin.com is without SSL and when I try https://app.forestadmin.com, I’m rediected to the non-ssl version

Context

Please provide any relevant information about your setup.

Package Version: last
Express Version: last
Sequelize Version: last
Database Dialect: postgres
Database Version: 12.3
Project Name: finary

Thanks !
Julien

Steve_Bunlon · August 19, 2020, 3:09pm

Hello @JulienBlancher, thanks for opening a thread and welcome to our community

I can see that your database is using self signed certificate. Sequelize will automatically reject it, unless we tell it not to.

Under models/index.js you should be able to find a line such as the following:

databaseOptions.dialectOptions.ssl = true;

Changing the ssl option to an object with:

ssl: {
    require: true,
    rejectUnauthorized: false, // << this is the option to prevent self signed error
}

Should do the trick

Please tell me if it helps out !

Steve.

JulienBlancher · August 25, 2020, 3:10pm

Many thanks Steve, I confirm it’s working !

Another question, do you have any document explaining the flow of data and how do you guarantee its security and private usage ?

anon20071947 · September 8, 2020, 5:59pm

Hi @JulienBlancher

A good place to start would be the following article - A deep-dive into Forest Admin’s architecture
Don’t take our word for it, inspect Network Activity In Chrome DevTools when performing various actions in Forest Admin (displaying a collection of records, creating, editing…)
Want to dig further? The agents are open-source, feel free to inspect the code on our github repos (forest-express & forest-express-sequelize)

Cheers,

kasro · September 12, 2020, 6:53pm

Hello @Steve_Bunlon ,

I have exactly the same issue as Julien,
How do I access models/index.js? Directly from heroku?

I was only on signup et connecting to my DB phase. I still didn’t get any forest code folder

rap2h · September 14, 2020, 2:01pm

Hi @kasro
This issue has been reported here and Forest Admin team taking this issue seriously: a fix should be released in a few days. In the meanwhile, I suggest you to follow the suggestion given by @Steve_Bunlon.

How do I access models/index.js? Directly from heroku?

You have to edit the file that has been generated during your onboarding in your local computer in the folder where you ran the command lumber generate. However if you are facing this issue during the install, you can’t change anything right now: you have to wait for the release of lumber (or use a non-self-signed certificate on heroku, which is unfortunately not free I guess) Be sure you will be notified as soon as it has been released.

Thank you for your patience then

kasro · September 16, 2020, 11:56am

Hello, @rap2h, some update on this issue?

Steve_Bunlon · September 18, 2020, 1:17pm

Hello @kasro

We are still working on the fix, sorry for the inconvenience. However, knowing that you allready generated your project, this fix should not matter for you actually.

Lumber is used to generate projects, and once your project is generated, lumber is out of the process. To solve your issue, you have to edit your models/index.js file directly from the source generated (and then deploy the new code to your Heroku instance).

If you really want to solve your issue with lumber (once the fix has been released) you will need to create a new project .

That’s why I really encourage you to solve your issue by editing the code on your own source from your project, you will be running in 2 minutes !

I hope it helps out,

Steve.

kasro · September 18, 2020, 2:11pm

Hello @Steve_Bunlon,

I got this error > Cannot connect to the database due to the following error:

SequelizeConnectionError: self signed certificate
before have the folder generated by lumber…

I migrated my DB to Amazon EC2 Postgres and stopped using Heroku, but I got exactly the same error!

Please what can I do here.

Thanks

rap2h · September 21, 2020, 8:20am

Hi @kasro @JulienBlancher

We just released a new version of Lumber that adds a DATABASE_REJECT_UNAUTHORIZED parameter in Lumber generated projects (it is set to false by default to ease users onboarding). If you update Lumber to the latest version then start a new project, you should not be annoyed anymore with the SequelizeConnectionError: self-signed certificate message.

If you want to fix your actual project without re-running the install command, add this line to your .env file:

DATABASE_REJECT_UNAUTHORIZED=false

Then edit models/index.js (here):

-  databaseOptions.dialectOptions.ssl = true;
+  if (process.env.DATABASE_REJECT_UNAUTHORIZED === false) {
+    databaseOptions.dialectOptions.ssl = { rejectUnauthorized: false };
+  } else {
+    databaseOptions.dialectOptions.ssl = true;
+  }

TL;DR: Issue fixed, update to latest Lumber version.

Thank you for your patience Let me know if you have any issue, I would be glad to help you!

JulienBlancher · September 21, 2020, 8:55am

Many thanks, awesome !

kasro · September 21, 2020, 1:56pm

Hello @rap2h, I still got the issue…
Is it possible to speak to somebody by phone? I’ve been trying for the last two weeks to connect forest to my DB.
I created a new project but still have SequelizeConnectionError: self-signed certificate message.

feeleebaire · September 22, 2020, 8:14am

Hello @rap2h,
I have the same issue too with new version of Lumber
I’m using Heroku to serve the project

arnaud · September 22, 2020, 3:07pm

Hi @kasro, @feeleebaire,

Could you guys, share with us your lumber version (running lumber --version command)?
I just want to make sure you use the latest one.

Thanks for your help

feeleebaire · September 22, 2020, 4:36pm

Hi @arnaud
My lumber version is 3.7.0

rap2h · September 24, 2020, 2:53pm

Hi @kasro and @feeleebaire! Thank you for your patience and sorry for the mess. We missed something in the last release, a fix is on its way. I will notify you as soon as it’s release!

rap2h · September 24, 2020, 3:37pm

@kasro @feeleebaire It has just been fixed a few minutes ago

Could you try again with the latest version of lumber? (v3.7.2)

If you want to fix your actual project without re-running the install command, add this line to your .env file:

DATABASE_REJECT_UNAUTHORIZED=false

Then edit models/index.js (here):

-  databaseOptions.dialectOptions.ssl = true;
+ const rejectUnauthorized = process.env.DATABASE_REJECT_UNAUTHORIZED;
+ if (rejectUnauthorized && (JSON.parse(rejectUnauthorized.toLowerCase()) === false)) {
+   databaseOptions.dialectOptions.ssl = { rejectUnauthorized: false };
+ } else {
+   databaseOptions.dialectOptions.ssl = true;
+ }

Let me know if it fixed your issue

feeleebaire · September 24, 2020, 3:49pm

@rap2h it’s works !Thanks a lot !

jonl · October 16, 2020, 5:28pm

Hi guys,

Just wanted to mention that this variable is not mentioned in the UI when deploying to a remote environment. I guess it’s worth adding the info to the wizard.

Tim_Nolet · November 2, 2021, 6:17pm

Just had the same issue on Heroku running v7. This fixed it.

Topic		Replies	Views
SSL Certificates Required for Database Access Help me!	6	970	September 4, 2021
Struggling to set up Forest with my Heroku-deployed Postgres DB Help me! setup	4	1251	February 22, 2021
Can't unlock data from invited user account Help me!	3	320	March 30, 2021
ForestAdmin deployment on App Engine Help me!	2	340	September 1, 2020
When move to prodction env I get a server error Help me! setup	1	1323	May 4, 2021

SSL issues with ForestAdmin

Expected behavior

Actual behavior

Context

Related topics