Hoping to get yalls help on the issue I am now sort of desperate about
Context: I am deploying a docker container on EC2 Ubuntu, where it is used by two images - one for my Prisma-NestJs-based API and another is a side-worker used to send emails, based on Pgboss. The db is PSQL17, deployed on RDS in an isolated subnet.
Problem: While the API entrypoint connects to the RDS just fine, the Pgboss worker is very reluctant about doing so. I also tested connection via psql in EC2's bash, and it works. There are different errors I've encoutered with pgboss, but the bottom line is the following -
When I try to use ?sslmode=verify or verify-ca - Error: self-signed certificate in certificate chain
When I do not specify any ssl mode - error: no pg_hba.conf entry for host "10.0...*", user "user", database "database", no encryption (keep in mind that it's definitely not a VPC issue, since the other image works but I also quadruple-checked everything)
Additonally, I tried puttin ca-cert related lines to my dockerfile, assuming it may be the root.
# 1) Base builder
FROM node:20-alpine AS builder
WORKDIR /app
# Install OS deps for prisma engine + CA certificates
RUN apk add --no-cache openssl ca-certificates
// -- more dockerfile lines -- //
# Install OS dependencies including CA certificates
RUN apk add --no-cache openssl ca-certificates
# Update CA certificates (important!)
RUN update-ca-certificates
...
Thanks for everyone's input on the issue.
sslmodetorequireorno-verify.