node-postgres
support sslrootcert=system
From v16 the postgres client supports a special sslrootcert connection string param that uses the system root certificate storage. It would be great if node-postgres would also support this param.
The special value system may be specified instead, in which case the system's trusted CA roots will be loaded. The exact locations of these root certificates differ by SSL implementation and platform. For OpenSSL in particular, the locations may be further modified by the SSL_CERT_DIR and SSL_CERT_FILE environment variables.
https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNECT-SSLROOTCERT
Current behavior
When sslrootcert=system is in the connection string, the behavior is TypeError: dr.readFileSync is not a function
sslrootcert=system is already the default behavior of node-postgres, but it's not obvious to me from reading the https://node-postgres.com/features/ssl documentation.
Blog post:
I’m pleased to report that the node-postgres TLS implementation defaults to sslrootcert=system behavior unless you explicitly specify the option rejectUnauthorized=false. https://neon.tech/blog/avoid-mitm-attacks-with-psql-postgres-16
sslrootcert=system might already be the default behavior of node-postgres
(it is)
Great! Thanks @charmander! I updated the issue description.
I guess this means that the implementation of this feature would be very easy: just ignore sslrootcert if it's set to system?
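The suggestion in the last comment, sketched as an added example (not code from node-postgres or pg-connection-string): the hypothetical helper `sslOptionsFromConnectionString` maps `sslrootcert=system` to TLS options with no `ca`, and, as libpq does for this value, refuses an `sslmode` weaker than `verify-full`. The file reader is passed in by the caller (for example `fs.readFileSync`), and the host and paths in any call are assumptions.

```javascript
// Added example: hypothetical helper, not part of node-postgres.
// Returns the `ssl` option implied by sslrootcert, or undefined when the
// parameter is absent (other parameters then decide the TLS settings).
// readFile is supplied by the caller, e.g. fs.readFileSync.
function sslOptionsFromConnectionString(connectionString, readFile) {
  const params = new URL(connectionString).searchParams;
  const sslmode = params.get('sslmode');
  const rootCert = params.get('sslrootcert');

  if (rootCert === null) {
    return undefined;
  }

  if (rootCert === 'system') {
    // libpq changes the default sslmode to verify-full for this value and
    // treats any weaker setting as an error; do the same here.
    if (sslmode !== null && sslmode !== 'verify-full') {
      throw new Error(
        `sslrootcert=system requires sslmode=verify-full, got "${sslmode}"`
      );
    }
    // No `ca` key and no file read: Node's tls module then validates the
    // server against its default trusted CA roots (the list bundled with
    // Node unless the runtime is configured to use another store).
    return { rejectUnauthorized: true };
  }

  // Any other value is a path to a PEM file holding the trusted root(s).
  return { rejectUnauthorized: true, ca: readFile(rootCert, 'utf8') };
}
```

The returned object is meant for the `ssl` field of the client configuration; `rejectUnauthorized: true` is kept explicit so that certificate and hostname verification cannot be dropped by a later merge of options.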