From 2deb900e4a6f81fe25b48868e68aa9c4adbecbf9 Mon Sep 17 00:00:00 2001
From: Johan Schuijt <johan.schuijt@ftm.nl>
Date: Wed, 25 May 2022 10:13:27 +0200
Subject: [PATCH] Load self-signed CA from file as described in the helm chart

---
 server/core/db.js | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/server/core/db.js b/server/core/db.js
index 2d614c55..2f42aefb 100644
--- a/server/core/db.js
+++ b/server/core/db.js
@@ -60,17 +60,13 @@ module.exports = {
       sslOptions = true
     }
 
-    // Handle inline SSL CA Certificate mode
+    // Handle self-signed CA file
+    // https://node-postgres.com/features/ssl
     if (!_.isEmpty(process.env.DB_SSL_CA)) {
-      const chunks = []
-      for (let i = 0, charsLength = process.env.DB_SSL_CA.length; i < charsLength; i += 64) {
-        chunks.push(process.env.DB_SSL_CA.substring(i, i + 64))
-      }
-
       dbUseSSL = true
       sslOptions = {
-        rejectUnauthorized: true,
-        ca: '-----BEGIN CERTIFICATE-----\n' + chunks.join('\n') + '\n-----END CERTIFICATE-----\n'
+        rejectUnauthorized: false,
+        ca: fs.readFileSync(process.env.DB_SSL_CA).toString(),
       }
     }