Datagrip cannot access pg database, pgadmin can
I have a non public aws rds postgres database which I cannot access using datagrip because it gives a ssl error: connection reset. However I can access the database using pgadmin. I am on the same network as the database using a vpn. How can I get datagrip to access the database?
Please sign in to leave a comment.
Eschmeink
Please upload the idea log from Help - Show Log in Files onto our FTP server and provide the upload id when replying to us back:
https://uploads.jetbrains.com/
I uploaded the log with id: 2023_08_24_GfnmG7j2MAGe617bU6rWNS
SSL Settings: Open DataGrip, navigate to your database configuration settings. Ensure the SSL mode is set correctly (e.g., "Require"). Provide the necessary SSL certificate, key, and root certificate if needed. AWS RDS typically provides a root certificate you can use. Driver Update: Update the PostgreSQL JDBC driver in DataGrip. Sometimes older drivers might have compatibility issues. Connection Timeout: Increase the connection timeout in DataGrip settings. Sometimes VPNs can introduce slight delays. JVM Options: Some users have resolved similar issues by tweaking JVM options for DataGrip. Logs & Diagnostics: Check DataGrip's logs for more detailed error messages. This can give hints on what might be going wrong. TellTims
Thanks for the update, Eschmeink
Do you have SSL configured in your data source properties to connect to RDS database? Do you use the AWS Toolkit plug-in to connect to your database(see below)?
https://plugins.jetbrains.com/plugin/11349-aws-toolkit
We'd also appreciate if you could send screenshots of your data source properties: General and SSL/SSH tabs in particular. Here's also a config guide
https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/accessing-rds.html
I have selected SSL in the data source properties with the (I believe) correct ca-cert for the region. I tried the aws toolkit, but that also did not work.
Thanks for the update.
When running the verification with CA, you should normally have 3 pem files specified in the SSL/SSH fields in your data source properties
server-ca.pem
client-cert.pem
client-key.pem
You can also read about the SSL setup here
Do you have the same SSL settings in configured in pgadmin? If so, please let us know how you have it configured there.
I tried looking for the client certificates but I don't really see anything from AWS' side on how to get those, or if they even exist at all. The thing with pgadmin is that I did not change a single thing, I just entered the credentials and the host and it worked immediately. So that's why I'm confused that datagrip is having such a hard time connecting. Is there something specific you want to see from my pgadmin configuration?
As for the pgadmin settings, please provide screenshots of the connection and parameters tabs
Connecting with pgadmin with ssl disabled also works fine.
Eschmeink
Please turn off Use SSL checkbox in SSL / SSH tab and see if the connection succeeds. If not, please upload the idea log file.
wtf that worked. I would swear that I tried this immediately. Well thanks regardless.
If you can access your AWS RDS PostgreSQL database using pgAdmin but encounter an SSL error ("connection reset") when trying to access it through DataGrip, there are a few steps you can take to troubleshoot and potentially resolve the issue:
Check SSL/TLS Configuration:
Update DataGrip:
Certificate Trust:
Security Group and Firewall:
Check VPN Configuration:
Advanced SSL/TLS Settings:
Connection String:
Error Logs:
Restart DataGrip:
Contact Support:
By following these steps, you should be able to identify and resolve the SSL error issue in DataGrip when connecting to your AWS RDS PostgreSQL database. Remember to keep your software, including DataGrip, up to date to benefit from bug fixes and improvements.
Thanks to Eschmeink's answer related to Pgadmin managed to connect to the db, tried the same in Datagrip > advanced > sslmode > disable and voila got connected to DB.
Thank you for the helpful information, and rest assured that I will continue to support you guys.
To test the connection, please remove the checkmark from the Use SSL option located in the SSL / SSH tab. If this is not the case, please provide the concept log file.
Please send the idea log from the "Help - Show Log" section in the Files application to our FTP server. Kindly provide the upload ID when responding to us.
Maybe you're not as concerned in creating an account with them as I was.