
PostgreSQL pq Open not successful: x509: certificate signed by unknown authority

What is wrong with this code?

http://godoc.org/github.com/lib/pq

* dbname - The name of the database to connect to
* user - The user to sign in as
* password - The user's password
* host - The host to connect to. Values that start with / are for unix domain sockets. (default is localhost)
* port - The port to bind to. (default is 5432)
* sslmode - Whether or not to use SSL (default is require, this is not the default for libpq)
* fallback_application_name - An application_name to fall back to if one isn't provided.
* connect_timeout - Maximum wait for connection, in seconds. Zero or not specified means wait indefinitely.

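So I just typed the following and was expecting to see a successful connection to PostgreSQL, but it doesn't seem to work. Is there something wrong with the syntax, since the syntax for sql.Open is different from what I use for MySQL?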

"dbname=%s user=%s password=%s host=%s port=%s sslmode=%s connect_timeout=%s"

And the error message for this code is x509: certificate signed by unknown authority

package main

import (
  "database/sql"
  "fmt"
  "log"
  "os"

  _ "github.com/lib/pq"
)

func main() {
  db := Get()
  defer db.Close()
  err := db.Ping()
  if err == nil {
    // Report success without exiting; log.Fatalln would exit with status 1.
    log.Println("db.Ping is successful!")
  } else {
    log.Fatalln(err)
  }
}

func Get() *sql.DB {
  const (
    AWS_DB         = "mydb"
    AWS_USER       = "rootuser"
    AWS_PASS       = "1234"
    AWS_HOST       = "redshift.amazonaws.com"
    AWS_PORT       = "5439"
    AWS_SSL        = "verify-full"
    AWS_TIME       = "2"
    AWS_ACCESS_KEY = "abcd"
    AWS_SECRET_KEY = "efgh"
  )
  db, err := sql.Open("postgres",
    fmt.Sprintf("dbname=%s user=%s password=%s host=%s port=%s sslmode=%s connect_timeout=%s",
      AWS_DB,
      AWS_USER,
      AWS_PASS,
      AWS_HOST,
      AWS_PORT,
      AWS_SSL,
      AWS_TIME,
    ))
  if err != nil {
    // Print the error before exiting; a first log.Fatalln call would exit before the error was logged.
    log.Println("Error:", err)
    os.Exit(1)
  }
  return db
}

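As the error message says, your host doesn't trust the Certificate Authority (CA) that signed the certificate of your database server.

If you can afford to enable InsecureSkipVerify, then set sslmode=require. This will stop the client from verifying the server's certificate chain and host name (but it will still use SSL).

If that is not an option, you need to add the CA to your host's trusted CAs. This depends on your OS. On Linux, there is a good chance that adding it to /etc/ssl/cert.pem will work.

Apparently, the PostgreSQL driver doesn't allow specifying a custom tls.Config, which would make things more flexible. In the source code you can see that it always uses tls.Config{}. It doesn't offer an option to set custom RootCAs.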

You need to pass the sslrootcert parameter. Your code will become:

  db, err := sql.Open("postgres",
    fmt.Sprintf("dbname=%s user=%s password=%s host=%s port=%s sslmode=%s sslrootcert=%s connect_timeout=%s",
      AWS_DB,
      AWS_USER,
      AWS_PASS,
      AWS_HOST,
      AWS_PORT,
      AWS_SSL,
      AWS_SSL_CERT_PATH,
      AWS_TIME,
    ))

where AWS_SSL_CERT_PATH="/path/to/the/certificate"

You can find more information and a link to download the certificate here.
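What each sslmode mentioned in the answers above verifies, and how a trusted root changes the outcome, as an added example that is not part of the original posts and is not lib/pq's own code. It uses Go's crypto/x509 directly on a constructed self-signed certificate; the host db.example.test and the helpers must, newServerCert and verifyAs are hypothetical, and the in-memory pool stands in for the file named by sslrootcert.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newServerCert builds a constructed self-signed certificate for host (no real CA involved).
func newServerCert(host string) *x509.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{host},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return must(x509.ParseCertificate(der))
}

// verifyAs applies the checks the lib/pq documentation lists for each sslmode.
func verifyAs(sslmode string, cert *x509.Certificate, roots *x509.CertPool, host string) error {
	switch sslmode {
	case "require":
		return nil // encrypted only: neither chain nor host name is checked
	case "verify-ca":
		host = "" // chain is checked, host name is not
	case "verify-full":
	default:
		return fmt.Errorf("unsupported sslmode %q", sslmode)
	}
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

func main() {
	cert := newServerCert("db.example.test")
	trusted := x509.NewCertPool() // stands in for the CA file named by sslrootcert
	trusted.AddCert(cert)
	fmt.Println(verifyAs("verify-full", cert, x509.NewCertPool(), "db.example.test")) // fails: unknown authority
	fmt.Println(verifyAs("verify-full", cert, trusted, "db.example.test"))
}
```

With the empty pool the check fails with the same x509 error as in the question; once the signing certificate is in the pool, verify-full succeeds only when the host name also matches the certificate.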
