Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Not connecting to database in version 7.18.1 with ssl=true: unsupported frontend protocol

See original GitHub issue

Hi there,

After the new release, version 7.18.1, our production server failed to connect to the database throwing the following error:

error: unsupported frontend protocol 1234.5679: server supports 2.0 to 3.0 at Connection.parseE (/var/app/current/node_modules/pg/lib/connection.js:624:13) at Connection.parseMessage (/var/app/current/node_modules/pg/lib/connection.js:423:19) at TLSSocket.<anonymous> (/var/app/current/node_modules/pg/lib/connection.js:139:22) at TLSSocket.emit (events.js:198:13) at TLSSocket.EventEmitter.emit (domain.js:448:20) at addChunk (_stream_readable.js:288:12) at readableAddChunk (_stream_readable.js:269:11) at TLSSocket.Readable.push (_stream_readable.js:224:10) at TLSWrap.onStreamRead [as onread] (internal/stream_base_commons.js:94:17)

DeprecationWarning: Implicit disabling of certificate verification is deprecated and will be removed in pg 8. Specify rejectUnauthorized: true to require a valid CA or rejectUnauthorized: false to explicitly opt out of MITM protection.

I have a nodejs app with express that connects to a database in RDS on AWS. The connection to the database is done with the following url:

postgres://user:pasword@host.amazonaws.com:5432/database?ssl=true

If I remove the “ssl=true” part it works, but that would mean there connection is not secure, right?

If I go back to use the 7.17.x version my problem is fixed.

Should I add more paramenters to the database url? Or I am missing something else?

Thank you in advance!

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:5

github_iconTop GitHub Comments

17reactions
charmandercommented, Jan 30, 2020

See https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-PROTECTION. If you want your certificate checked (sslmode=verify-full), add this to your pg configuration:

ssl: {
    rejectUnauthorized: true,
},

If you don’t (sslmode=require):

ssl: {
    rejectUnauthorized: false,
},

The full list of options is at https://nodejs.org/api/tls.html#tls_tls_connect_options_callback if you need to specify your own CA certificate or implement the equivalent of sslmode=verify-ca.

10reactions
rodrigomf24commented, May 28, 2020

for all of those that fall in here if you are using knex just specify the connection in the following way:

{
  connection: {
     connectionString: <psql connection string>,
     ssl: { rejectUnauthorized: false },
  }
}
Read more comments on GitHub >

github_iconTop Results From Across the Web

psycopg2.OperationalError: FATAL: unsupported frontend ...
When I connect to the database from the host (also running version 12.1 ) the error message shows when the database was created...
Read more >
C31: Unsupported frontend protocol - pganalyze
Explanation: This error message indicates that the client requested a Postgres FE/BE protocol version that the server does not support.
Read more >
Postgres “unsupported frontend protocol” mystery
When a Postgres client (such as psql or DBD::Pg) connects to Postgres, the first thing it does is to issue a startup message....
Read more >
Postgres - Unsupported Frontend Protocol
Hello, running a Confluence Self Hosted Server in Docker since March 2020. Did my first image Update lately in December 2020. version: '3.3'...
Read more >
15: Chapter 55. Frontend/Backend Protocol - PostgreSQL
If the major version requested by the client is not supported by the server, the connection will be rejected (for example, this would...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

how to avoid pg to parse a result object

Next page

Regression in 7.18.0 causing "unsupported frontend protocol 1234.5679: server supports 2.0 to 3.0"