连接到 Heroku PostgreSQL 数据库时的身份验证错误

Question

I'm developing a Node.js application using PostgreSQL and hosting on Heroku. My problem is that I get an authentication error like so:

14:32:05 web.1     | { [error: no pg_hba.conf entry for host "193.40.244.196", user "username", database "database_name", SSL off]
14:32:05 web.1     |   length: 168,
14:32:05 web.1     |   name: 'error',
14:32:05 web.1     |   severity: 'FATAL',
14:32:05 web.1     |   code: '28000',
14:32:05 web.1     |   detail: undefined,
14:32:05 web.1     |   hint: undefined,
14:32:05 web.1     |   position: undefined,
14:32:05 web.1     |   internalPosition: undefined,
14:32:05 web.1     |   internalQuery: undefined,
14:32:05 web.1     |   where: undefined,
14:32:05 web.1     |   file: 'auth.c',
14:32:05 web.1     |   line: '483',
14:32:05 web.1     |   routine: 'ClientAuthentication' }

It might be an SSL problem, but it shouldn't be as mentioned here . SSL should be supported out of the box. So I'm stumped and can only ask what might cause this error?

I'm not sure if I have to maybe edit the pg_hba.conf on my system, but I can't even find it.

Answer 1

Solved it by setting PGSSLMODE ( http://www.postgresql.org/docs/9.0/static/libpq-envars.html ) on Heroku. It tells PostgreSQL to default to SSL.

$ heroku config:set PGSSLMODE=require

Answer 2

node-postgres doesn't support SSL in it's javascript bindings, which you're using if you do:

var pg = require('pg');

To get SSL, you need to use the native binding by doing this:

var pg = require('pg').native;

You don't need to use SSL when your app is running inside Heroku, you only need to use SSL to connect remotely (when your app is running locally).

Answer 3

I added these params and can now connect to my heroku postgres instance from an outside server, specifically, in configuration of knex.js in a node express server:

var knex = require('knex')({
  client: 'postgres',
  connection: 'postgres://username:password@host:5432/yourdbname?ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory'
});

Answer 4

Ran into same issue. Just Enabled ssl=true in the db params.

var pg = require('pg');
var params = { host: 'heroku_hostname',user: 'username',password: 'password',database: 'database',ssl: true };
var client = new pg.Client(params);
client.connect();

Answer 5

Ran into this myself, it's a simple fix. Just connect over HTTPS instead

Answer 6

I too received the 'ClientAuthentication' no pg_hba.conf entry error in my Heroku PRODUCTION instance in April 2021. I was and continue to use the Plan "Hobby Dev" free account.

Heroku began rolling out changes to the platform in February 2021 that enforced SSL for all Heroku Postgres client connections. All Heroku Postgres client connections require SSL .

I fixed my PRODUCTION instance (where my NextJS App connected to the Heroku Postgres add-on) by adding the following config ssl: { rejectUnauthorized: false } when using node-postgres v8 :

const pool = new Pool({
  connectionString: process.env.DATABASE_URL,
  ssl: {
    rejectUnauthorized: false
  }
});

Answer 7

const db = new Pool({
   connectionString: process.env.DATABASE_URL,
   ...
   ssl: { rejectUnauthorized: false }
});

I just resolved the issue by adding the ssl: { rejectUnautorized: false } to my database configuration. Also, run heroku config:set PGSSLMODE=no-verify -a appName

NOTE: "appName" should be the name of your hosted application

Answer 8

Had the same issue. Here's what helped me.

new Sequelize(process.env.DATABASE_URL, {
    dialectOptions: {
      ssl: {
        require: true,
        rejectUnauthorized: false
      }
    }
  }