Reputation: 131
Clojure app cannot connect to Heroku Postgres with SSL
I've been trying to make a basic web app in Compojure, hosted on Heroku. I've been following the tutorial on this website:
http://www.vijaykiran.com/2012/01/17/web-application-development-with-clojure-part-2/
and have been grinding away at the Lobos and Korma part for about 2 days now. My app can now connect to my local Postgres server, but when I try to push to Heroku or connect to my Heroku Postgres db, I get the following error:
PSQLException FATAL: no pg_hba.conf entry for host "the IP", user "the username", database "the dbname", SSL off org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication (ConnectionFactoryImpl.java:291)
Here's my project.clj:
(defproject portfolio "1.0.0-SNAPSHOT"
:description "My personal portfolio"
:url "the URL"
:license {:name "FIXME: choose"
:url "http://example.com/FIXME"}
:dependencies [[compojure "1.1.1"]
[ring/ring-jetty-adapter "1.1.0"]
[ring/ring-devel "1.1.0"]
[ring-basic-authentication "1.0.1"]
[environ "0.4.0"]
[com.cemerick/drawbridge "0.0.6"]
[hiccup "1.0.4"]
[lobos "1.0.0-beta1"]
[korma "0.3.0-RC5"]
[org.clojure/java.jdbc "0.2.3"]
[postgresql "9.1-901.jdbc4"]
[clj-yaml "0.3.1"]
[http.async.client "0.5.2"]
[clj-bonecp-url "0.1.0"]
[org.slf4j/slf4j-nop "1.7.2"]
[org.clojure/clojure "1.5.1"]]
:min-lein-version "2.0.0"
:plugins [[environ/environ.lein "0.2.1"]]
:hooks [environ.leiningen.hooks]
:profiles {:production {:env {:production true}}})
I'm using lobos (https://github.com/budu/lobos) for the data migration. I followed the github page's advice and made a config.clj, which I edited with advice from this page.
(ns lobos.config
(:refer-clojure :exclude [replace reverse])
(:use [clojure.string :as str]
lobos.connectivity)
(:import (java.net URI)))
(defn heroku-db
"Generate the db map according to Heroku environment when available."
[]
(when (System/getenv "DATABASE_URL")
(let [url (URI. (System/getenv "DATABASE_URL"))
host (.getHost url)
port (if (pos? (.getPort url)) (.getPort url) 5432)
path (.getPath url)]
(merge
{:subname (str "//" host ":" port path)}
(when-let [user-info (.getUserInfo url)]
{:user (first (str/split user-info #":"))
:password (second (str/split user-info #":"))})))))
(def db
(merge {:classname "org.postgresql.Driver"
:subprotocol "postgresql"
:subname "//localhost:5432/blogdb"}
(heroku-db)))
(defn open-global-when-necessary
"Open a global connection only when necessary, that is, when no previous
connection exist or when db-spec is different to the current global
connection."
[db-spec]
;; If the connection credentials has changed, close the connection.
(when (and (@lobos.connectivity/global-connections :default-connection)
(not= (:db-spec (@lobos.connectivity/global-connections :default-connection)) db-spec))
(lobos.connectivity/close-global))
;; Open a new connection or return the existing one.
(if (nil? (@lobos.connectivity/global-connections :default-connection))
((lobos.connectivity/open-global db-spec) :default-connection)
(@lobos.connectivity/global-connections :default-connection)))
(open-global-when-necessary db)
Which gives me the error I noted above.
I managed to figure out how to enable SSL, but adding :ssl "true" to the db map in config.clj. However, now I have a new error:
SunCertPathBuilderException unable to find valid certification path to requested target.
When I try to push to heroku, I get the following error, whether SSL is on or off:
Exception in thread "main" org.postgresql.util.PSQLException: Connection refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections., compiling:(config.clj:44:1)
If you need any more specifics, let me know.
Upvotes: 4
Views: 1487
Answers (2)
Reputation:
For the time being the best thing is probably to simply use the @#'parse-properties-url trick to work around the fact that the function you need inside clojure.java.jdbc is private.
However, this change should make it easier to turn on SSL in future versions:
https://github.com/clojure/java.jdbc/pull/35#issuecomment-32956962
Upvotes: 0
Reputation: 41
I had trouble making a simple query to a postgres addon on a heroku instance, too. A local setup that has a similar setup would not work on the heroku setup.
What I did was to add a :sslmode "require" key-value pair to my db-spec map.
e.g. This would be my local db spec that works.
(def db-str {:classname "org.postgresql.Driver"
:subprotocol "postgresql"
:subname "//localhost:5432/testdb"
:user "postgres"
:password "password"})
This would be my heroku db spec.
(def db-str {:classname "org.postgresql.Driver"
:subprotocol "postgresql"
:subname "//remotehost:5432/testdb"
:user "postgres"
:password "password"
:sslmode "require"})
Notice the :sslmode key and its value. Without the :sslmode key-value pair, "SunCertPathBuilderException unable to find valid certification path to requested target." will occur.
Upvotes: 4
Related Questions
- Connect to Heroku Postgres - server does not support SSL connections
- Heroku, Clojure - Connecting to Database Outside Heroku
- Accessing a database with Clojure
- org.postgresql.util.PSQLException: "The server does not support SSL" despite ssl=false in jdbc uri
- Cannot access Heroku postgres from CLI, SSL support issue
- Problems connecting Pentaho Kettle/Spoon to Heroku PostgreSQL using SSL
- Postgres SSL connection failing to be established
- How do you connect to local PostgreSQL in Heroku?
- Trouble connecting to postgresql DB on Heroku with Korma (Clojure)
- Setting up a local PostgreSQL instance with windows with clojure?