堆栈内存溢出
  简体   繁体   English

连接需要 laravel 谷歌云 postgres 中的有效客户端证书与 ssl 模式

[英]connection requires a valid client certificate in laravel google cloud postgres with ssl mode

 原文  2021-12-20 15:59:02       laravel/ postgresql/ ssl/ google-cloud-platform/ gcloud

问题描述

I am facing a issue when trying to connect to gcloud postgres db allowing ssl in my laravel application which is running in the cloud run.我在尝试连接到 gcloud postgres db 时遇到问题,允许 laravel 应用程序中的 ssl 在云中运行。 I downloaded all three cert files from gcloud and set the path in config/database.php.我从 gcloud 下载了所有三个证书文件,并在 config/database.php 中设置了路径。

            'driver' => 'pgsql',
            'host' => env('DB_HOST', '127.0.0.1'),
            'port' => env('DB_PORT', '5432'),
            'database' => env('DB_DATABASE', 'forge'),
            'username' => env('DB_USERNAME', 'forge'),
            'password' => env('DB_PASSWORD', ''),
            'unix_socket' => env('DB_SOCKET', ''),
            'charset' => 'utf8',
            'prefix' => '',
            'schema' => 'public',
            'sslmode' => 'require',
            'options' => [
               'sslcert' => storage_path(path: 'client-cert.pem'),
               'sslkey' => storage_path(path: 'client-key.pem'),
               'sslrootcert' => storage_path(path: 'server-ca.pem'),
            ],
        ],```
after enabling the 'Allow only SSL connections' I am getting this error.
'SQLSTATE[08006] [7] FATAL: connection requires a valid client certificate (SQL: select * from "sessions" where "id" = wDJOd7Ssm6ggLngYQPprlIP0FNrtMxGTtCW4lELX limit 1)'

I can successfully connect to the same db via pgadmin and psql console with ssl certificates from my local machine(windows). But I need to do it through my application. Please help me to overcome this as it is showing as a high security risk factor in the GCP Security Command Center.
Thanks.

1 个解决方案

解决方案1
 0  2021-12-20 20:19:28

There are at least two possible problems:至少有两个可能的问题:

ITEM 1:第 1 项:

You have 'sslmode' => 'require' .你有'sslmode' => 'require' This means that the server certificate is validated against the CA.这意味着服务器证书已根据 CA 进行验证。 For Google Cloud SQL, the server's certificate contains the name of the Cloud SQL instance which does not match the hostname.对于 Google Cloud SQL,服务器的证书包含与主机名不匹配的 Cloud SQL 实例的名称。

Change the value to allow .将值更改为允许 Google Cloud SQL will enforce client certificates. Google Cloud SQL 将强制执行客户端证书。 The PostgresQL client will not validate the server's certificate which will fail if validated. PostgresQL 客户端不会验证服务器的证书,如果验证将失败。

ITEM 2:第 2 项:

The certificates are invalid.证书无效。 Open each one in a text editor and verify that they are text files with proper headers:在文本编辑器中打开每个文件并验证它们是否是具有正确标题的文本文件:

client_cert.pem: -----BEGIN CERTIFICATE----- client_key.pem: -----BEGIN RSA PRIVATE KEY----- server-ca.pem: -----BEGIN CERTIFICATE----- client_cert.pem: -----BEGIN CERTIFICATE----- client_key.pem: -----BEGIN RSA PRIVATE KEY----- server-ca.pem: -----BEGIN CERTIFICATE--- --

You can also use openssl to verify the files.您还可以使用openssl来验证文件。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Laravel 开发中的 SSL 证书 - SSL Certificate on Laravel Development Laravel on Google Cloud 错误:(1/1) InvalidArgumentException 请提供有效的缓存路径 - Laravel on Google Cloud Error: (1/1) InvalidArgumentException Please provide a valid cache path BD Postgres与Laravel的连接? - Bd Postgres connection to Laravel? Laravel:使用SSL证书上传到服务器 - Laravel:Uploading to server with SSL certificate laravel 应用程序的 ssl 证书不起作用 - ssl certificate for laravel app not working 错误64 SSL证书Laravel - Error 64 SSL certificate laravel 通过 SSL 与 Laravel 的 MySQL 连接 - MySQL connection over SSL with Laravel Laravel与MySQL的SSL连接无法正常工作 - Laravel SSL connection to MySQL not working Laravel:数据库 SSL 连接不工作 - Laravel: Database SSL connection not working Laravel Socialite测试localhost,SSL证书问题? - Laravel Socialite testing on localhost, SSL certificate issue?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM