This repository has been archived by the owner on Jun 14, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 17
Support AWS RDS cert encrypted connection #90
Comments
chenrui333
changed the title
Support SSL encrypted connection
Support AWS RDS cert encrypted connection
Dec 15, 2022
Tried something like this, but does not quite work RUN apt-get clean \
&& apt-get update \
- && apt-get install -yq gcc musl-dev python3-dev libpq-dev g++
+ && apt-get install -yq gcc musl-dev python3-dev libpq-dev g++ curl
RUN cp /usr/lib/ssl/openssl.cnf /usr/lib/ssl/openssl_cipher1.cnf && \
sed -i "s/\(CipherString *= *\).*/\1DEFAULT@SECLEVEL=1 /" "/usr/lib/ssl/openssl_cipher1.cnf" && \
sed -i "s/\(MinProtocol *= *\).*/\1TLSv1 /" "/usr/lib/ssl/openssl_cipher1.cnf"
+# Fetch Amazon RDS certificate chain
+RUN curl https://s3.amazonaws.com/rds-downloads/rds-ca-2019-root.pem -o /usr/local/share/amazon-certs.pem
+RUN echo "d464378fbb8b981d2b28a1deafffd0113554e6adfb34535134f411bf3c689e73 /usr/local/share/amazon-certs.pem" | sha256sum -c -
+
+ENV AWS_CA_BUNDLE /usr/local/share/amazon-certs.pem Got error as below:
|
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Currently, it looks like there is no way to override the default openssl cert for the encrypted RDS connection.
The text was updated successfully, but these errors were encountered: