AKS MySQL SSL问题(nodejs,knex)
[英]AKS MySQL SSL problems (nodejs,knex)
问题描述
I want to provide SSL CA cert for MySQL in my applications via envvars in Azure Kubernetes, but i keep getting the following error logs. 
我想通过Azure Kubernetes中的envvars在我的应用程序中为MySQL提供SSL CA证书,但是我不断收到以下错误日志。
NAME: RollbackError
CODE: HANDSHAKE_SSL_ERROR
MESSAGE: unable to get local issuer certificate
I followed everything what they said in docs, I can connect to it with MySQL client from terminal, so the cert is okay. 我遵循了他们在文档中所说的所有内容,我可以从终端通过MySQL客户端连接到它,因此证书还可以。
Thats what I have in my deployment.yml: 那就是我的deployment.yml中的内容:
....
env:
- name: database__connection__ssl__ca
value: "content_of_ssl_ca_cert_file"
....
According to MySQL & knexjs docs for NodeJS thats the correct way to do it, it accepts strings not files or path for the file. 根据MySQL和knexjs的NodeJS文档,这是正确的方法,它接受字符串而不是文件或文件路径。 Anyone any ideas? 有任何想法吗?
So, I finally managed to solve this 'trivial' issue. 因此,我终于设法解决了这个“琐碎”的问题。
....
env:
- name: database__connection__ssl__ca
value: "-----BEGIN CERTIFICATE-----\n...\n...\n...-----END CERTIFICATE-----"
....
Breaklines were needed. 需要突破线。
1 个解决方案
解决方案1
0 已采纳 2018-04-03 20:36:34
I already edited the question, but here is the solution: 我已经编辑了问题,但这是解决方案:
....
env:
- name: database__connection__ssl__ca
value: "-----BEGIN CERTIFICATE-----\n...\n...\n...-----END CERTIFICATE-----"
....
Breaklines are needed, when you want to copy the content from the cert file and provide it via envvars as string. 当您要从cert文件复制内容并通过envvars作为字符串提供内容时,需要使用换行符。 -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- also have to be there. -----BEGIN CERTIFICATE-----和-----END CERTIFICATE-----也必须存在。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.