How do i connect to dgraph using the nodejs client via ssl?

I’m trying to connect my api service to the dgraph (slash) server.

I create the certificate files with:

dgraph cert
dgraph certs -n gas-person-5102.us-west-2.aws.cloud.dgraph.io:443
dgraph cert -c dgraphuser

This doesn’t work:

E0908 22:13:56.260000000  6708 ssl_transport_security.cc:1245] Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.

i suspect i’m not creating the certificates the correct way, could someone help me with this ?

The address for the slash instance is gas-person-5102.us-west-2.aws.cloud.dgraph.io:443

The api service is hosted on zeit.

@Anurag is currently working on better support in the various clients, so we should have a public PR in a few days.

In the meanwhile, your grpc endpoint is gas-person-5102.grpc.us-west-2.aws.cloud.dgraph.io:443 (note the extra grpc in the hostname).

You will have to do two things:

  1. Use your system’s SSL CA pool
  2. Pass the auth key to every request on the channel.

We have a python example here: https://dgraph.io/docs/slash-graphql/advanced-queries/ and an example with dgo here: https://github.com/dgraph-io/dgraph/blob/master/contrib/integration/bank/main.go#L327.

1 Like

@gja Thanks for the help, sorry i’m not sure how to use my system’s ssl ca pool. Are there any tutorials you could point me to ?

@Anurag Hi, how’s this going ?

I am also trying to follow the Go example above (which btw only found it here as opposed to any official docs anywhere).

I end up with the following error:

rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp: address https://mogudev.grpc.us-west-2.aws.cloud.dgraph.io:443: too many colons in address"

If I remove the “:443” I get a different error:

rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp: lookup tcp///mogudev.grpc.us-west-2.aws.cloud.dgraph.io: nodename nor servname provided, or not known"

I know I’m doing something wrong somewhere, but it is a tad frustrating that I’ve spent the better part of a day just trying to configure a client connection :slight_smile:

Thanks!

UPDATE: looks like I just needed to remove the scheme (https) from my URL.

Would love some official more clear docs on this especially on the Client Libraries page https://dgraph.io/docs/clients/

@marwan-at-work Following PR (https://github.com/dgraph-io/dgo/pull/137) introduces an easier way to connect directly for gRPC requests;

graphQlEndpoint := "https://xxx.us-west-2.aws.cloud.dgraph.io/graphql"
apiKey := ""
dg, _ := dgo.DialSlashGraphQLEndpoint(graphQlEndpoint, apiKey)

@Anurag that’s great. Thank you. Would love to see more docs on this so that people can find this function easier.

1 Like

Yeah, I also just found it by using godoc.org instead of pkg.go.dev.

We will need to massively improve our docs.

Quick update: we’ve gotten support into Python and Golang. We’ve been struggling with node because I don’t think node-grpc supports system SSL certs for some reason. Hopefully more updates here soon

Alright thanks, i’ll have to port my code to the dgraph-js-http library

@scroobius-pip This PR https://github.com/dgraph-io/dgraph-js/pull/125 extends dgraph-js client. You can use

const clientStub = new dgraph.clientStubFromSlashGraphQLEndpoint(
  graphQlEndpoint,
  apiKey
);
const dgraphClient = new dgraph.DgraphClient(clientStub);

to connect directly to dgraph.

1 Like

what version of the library is this ? The latest version on npm hasn’t changed.

I forked the repo and published my version on npm, but i’m still having issues with this.
I’m getting an error:
Error: 14 UNAVAILABLE: Name resolution failed for target dns:.grpc.:443

I’m using https://gas-person-5102.us-west-2.aws.cloud.dgraph.io as the url

Can you use https://gas-person-5102.us-west-2.aws.cloud.dgraph.io/graphql as the URL and try pls?

This worked thank you !

I suppose the latest npm package was published as well. @paulftw could you confirm if that’s correct?

1 Like

yup i’m currently using it

2 Likes

but i’m facing another issue with apikey. I’ll create a new topic for it